urlscan.io logo urlscan.io
SecurityTrails logo

www.dailyfaceoff.com Open in urlscan Pro
2606:4700:10::ac43:7b0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.dailyfaceoff.com/
Effective URL: https://www.dailyfaceoff.com/
Submission: On October 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 13 countries across 99 domains to perform 496 HTTP transactions. The main IP is 2606:4700:10::ac43:7b0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dailyfaceoff.com. The Cisco Umbrella rank of the primary domain is 222115.
TLS certificate: Issued by E1 on October 7th 2023. Valid for: 3 months.
This is the only time www.dailyfaceoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
129 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 34.95.69.49 396982 (GOOGLE-CL...)
3 2600:9000:248... 16509 (AMAZON-02)
1 199.232.196.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
38 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 3 18.165.242.110 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 162.19.56.86 16276 (OVH)
12 2a00:1450:400... 15169 (GOOGLE)
6 13.224.89.83 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 20 185.89.210.101 29990 (ASN-APPNEX)
3 3.126.163.234 16509 (AMAZON-02)
4 216.52.2.30 30282 (AS-INAPCD...)
5 157.90.3.144 24940 (HETZNER-AS)
7 185.64.189.112 62713 (AS-PUBMATIC)
3 185.86.138.122 201081 (SMARTADSE...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
3 35.156.243.142 16509 (AMAZON-02)
6 54.171.212.190 16509 (AMAZON-02)
3 35.227.252.103 15169 (GOOGLE)
2 19 104.18.36.155 13335 (CLOUDFLAR...)
4 147.75.84.158 54825 (PACKET)
3 3.126.229.145 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
12 2600:9000:23d... 16509 (AMAZON-02)
1 54.92.137.241 14618 (AMAZON-AES)
2 108.139.243.64 16509 (AMAZON-02)
6 13.32.119.77 16509 (AMAZON-02)
2 69.173.144.137 26667 (RUBICONPR...)
2 3.226.11.122 14618 (AMAZON-AES)
2 54.192.137.23 16509 (AMAZON-02)
2 2.23.78.67 16625 (AKAMAI-AS)
2 18.165.201.38 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.156.46.25 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.210.247.62 16509 (AMAZON-02)
4 108.139.243.72 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 23.211.9.60 16625 (AKAMAI-AS)
2 162.19.138.120 16276 (OVH)
3 52.223.40.198 16509 (AMAZON-02)
3 2.19.244.232 16625 (AKAMAI-AS)
4 23.212.89.194 16625 (AKAMAI-AS)
4 172.64.149.180 13335 (CLOUDFLAR...)
2 162.55.236.224 24940 (HETZNER-AS)
6 2001:4860:480... 15169 (GOOGLE)
1 141.95.98.64 16276 (OVH)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 69.173.144.165 26667 (RUBICONPR...)
1 2 209.54.182.161 16509 (AMAZON-02)
7 7 142.250.185.98 15169 (GOOGLE)
3 4 52.7.64.161 14618 (AMAZON-AES)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 2 34.253.158.202 16509 (AMAZON-02)
2 2 70.42.32.159 13789 (INTERNAP-...)
2 2 35.214.196.36 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 12 2a00:1450:400... 15169 (GOOGLE)
1 4 185.64.190.78 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 13.248.245.213 16509 (AMAZON-02)
13 198.47.127.205 62713 (AS-PUBMATIC)
1 52.95.125.22 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
8 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 3 3.65.107.250 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
1 1 52.70.155.97 14618 (AMAZON-AES)
2 3 151.101.130.49 54113 (FASTLY)
5 5 52.18.114.103 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.139.93 201081 (SMARTADSE...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 64.95.96.108 32475 (SINGLEHOP...)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 2 35.186.193.173 15169 (GOOGLE)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.240.143 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 2 54.77.223.222 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.72.74.77 16509 (AMAZON-02)
3 4 37.157.6.243 198622 (ADFORM)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 64.227.64.62 14061 (DIGITALOC...)
2 2 52.29.154.74 16509 (AMAZON-02)
1 3 142.250.184.198 15169 (GOOGLE)
7 172.217.18.2 15169 (GOOGLE)
2 185.64.190.81 62713 (AS-PUBMATIC)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.88.86.2 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 141.94.171.216 16276 (OVH)
1 2.23.197.190 16625 (AKAMAI-AS)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 142.250.185.226 15169 (GOOGLE)
496 110
1    2606:4700:10::6816:337b (United States)

ASN13335 (CLOUDFLARENET, US)
www.dailyfaceoff.com
129    2606:4700:10::ac43:7b0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dailyfaceoff.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    2600:9000:248d:e000:19:b6f1:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)
dn0qt3r0xannq.cloudfront.net
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
dailyfaceoff.disqus.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
38    2600:9000:2251:9c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
rtb.primis.tech
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    18.165.242.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-242-110.lhr61.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    2606:4700:20::ac43:49c2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optmn.cloud
3    2606:4700:10::6816:3d77 (United States)

ASN13335 (CLOUDFLARENET, US)
edge.aditude.io
2    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    162.19.56.86 (France)

ASN16276 (OVH, FR)
PTR: haproxy01.cl13.ovh.mrf.io
events.newsroom.bi
12    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    13.224.89.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-83.zrh50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
flowcards.mrf.io
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
20    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
ams3-ib.adnxs.com
secure.adnxs.com
3    3.126.163.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-163-234.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    216.52.2.30 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    157.90.3.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.3.90.157.clients.your-server.de
shb.richaudience.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    35.156.243.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-243-142.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    54.171.212.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
hb.yellowblue.io
hb.minutemedia-prebid.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
19    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    3.126.229.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-229-145.eu-central-1.compute.amazonaws.com
krk2.kargo.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
12    2600:9000:23d3:6000:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
video.primis.tech
1    54.92.137.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-137-241.compute-1.amazonaws.com
1x1.a-mo.net
2    108.139.243.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-64.mxp63.r.cloudfront.net
config.aps.amazon-adsystem.com
6    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    3.226.11.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-11-122.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    54.192.137.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-137-23.lhr62.r.cloudfront.net
launchpad-wrapper.privacymanager.io
2    2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    18.165.201.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-38.lhr50.r.cloudfront.net
tags.crwdcntrl.net
9    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com
2    108.156.46.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-46-25.lhr50.r.cloudfront.net
launchpad.privacymanager.io
5    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    52.210.247.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-247-62.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
4    108.139.243.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-72.mxp63.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    23.211.9.60 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-60.deploy.static.akamaitechnologies.com
acdn.adnxs.com
crcdn01.adnxs-simple.com
cdn.adnxs.com
2    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.212.89.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-194.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
6    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
4    52.7.64.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-64-161.compute-1.amazonaws.com
i.liadm.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550e:78e7:c13b:e422:f8d2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    34.253.158.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-158-202.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    35.214.196.36 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 36.196.214.35.bc.googleusercontent.com
csync.loopme.me
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
12    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a00:1450:4001:1d::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr4---sn-4g5lznle.googlevideo.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
futbolsites-d.openx.net
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
13    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    85.114.159.93 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    3.65.107.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.255.68.171 (Vanves, France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    52.70.155.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-155-97.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.18.114.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-114-103.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
cm.ctnsnet.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
2    54.77.223.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-223-222.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.72.74.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-74-77.eu-west-1.compute.amazonaws.com
a.audrte.com
4    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    52.29.154.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-154-74.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
7    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
ade.googlesyndication.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
130 dailyfaceoff.com
www.dailyfaceoff.com — Cisco Umbrella Rank: 222115
950 KB
50 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
video.primis.tech — Cisco Umbrella Rank: 6090
rtb.primis.tech — Cisco Umbrella Rank: 5697
2 MB
37 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
41 KB
36 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 154
170 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
cdn.adnxs.com — Cisco Umbrella Rank: 1682
secure.adnxs.com — Cisco Umbrella Rank: 495
99 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com — Cisco Umbrella Rank: 301
95 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
13 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
147 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
27 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
47 KB
8 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3046
launchpad.privacymanager.io — Cisco Umbrella Rank: 2789
geo.privacymanager.io — Cisco Umbrella Rank: 1825
56 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
9 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
25 KB
7 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3792
sync.richaudience.com — Cisco Umbrella Rank: 1851
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
370 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
3 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
1x1.a-mo.net — Cisco Umbrella Rank: 2785
9 KB
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
27 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3509
c1.adform.net — Cisco Umbrella Rank: 599
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
3 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
futbolsites-d.openx.net — Cisco Umbrella Rank: 96249
670 B
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
12 KB
4 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7374
3 KB
4 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
119 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27893
920 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
949 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
722 B
3 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3706
1 KB
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2762
1 KB
3 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2448
1 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
484 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 aditude.io
edge.aditude.io — Cisco Umbrella Rank: 12392
154 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 cloudfront.net
dn0qt3r0xannq.cloudfront.net
61 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
952 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
cm.ctnsnet.com — Cisco Umbrella Rank: 4186
755 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
514 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
688 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
868 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
983 B
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
34 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3530
128 B
2 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
768 B
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9321
flowcards.mrf.io — Cisco Umbrella Rank: 21213
35 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
90 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
161 KB
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
93 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
88 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
461 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 921
218 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
104 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
187 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
279 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
663 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
566 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
589 B
1 googlevideo.com
rr4---sn-4g5lznle.googlevideo.com — Cisco Umbrella Rank: 62959
1 MB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
2 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
280 B
1 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4239
37 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
10 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
408 B
1 optmn.cloud
cdn.optmn.cloud — Cisco Umbrella Rank: 19088
35 KB
1 disqus.com
dailyfaceoff.disqus.com — Cisco Umbrella Rank: 358037
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
7 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
496 99
Domain Requested by
130 www.dailyfaceoff.com 1 redirects www.dailyfaceoff.com
static.cloudflareinsights.com
cadmus.script.ac
36 live.primis.tech cadmus.script.ac
www.dailyfaceoff.com
live.primis.tech
15 ib.adnxs.com 1 redirects edge.aditude.io
live.primis.tech
acdn.adnxs.com
13 simage2.pubmatic.com ads.pubmatic.com
12 googleads.g.doubleclick.net 2 redirects
12 video.primis.tech live.primis.tech
12 securepubads.g.doubleclick.net cadmus.script.ac
www.dailyfaceoff.com
imasdk.googleapis.com
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.dailyfaceoff.com
tpc.googlesyndication.com
8 image2.pubmatic.com ads.pubmatic.com
7 ade.googlesyndication.com
7 cm.g.doubleclick.net 7 redirects
7 hbopenbid.pubmatic.com edge.aditude.io
live.primis.tech
6 csi.gstatic.com imasdk.googleapis.com
6 aax.amazon-adsystem.com c.amazon-adsystem.com
www.dailyfaceoff.com
6 c.amazon-adsystem.com cadmus.script.ac
www.dailyfaceoff.com
c.amazon-adsystem.com
5 match.prod.bidr.io 5 redirects
5 tpc.googlesyndication.com cadmus.script.ac
imasdk.googleapis.com
tpc.googlesyndication.com
5 htlb.casalemedia.com edge.aditude.io
live.primis.tech
5 shb.richaudience.com edge.aditude.io
live.primis.tech
4 www.youtube.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 i.liadm.com 3 redirects ssum-sec.casalemedia.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com www.dailyfaceoff.com
eus.rubiconproject.com
cadmus.script.ac
4 geo.privacymanager.io cadmus.script.ac
www.dailyfaceoff.com
4 prebid.a-mo.net edge.aditude.io
cadmus.script.ac
4 ap.lijit.com edge.aditude.io
cadmus.script.ac
4 events.newsroom.bi sdk.mrf.io
4 i.clean.gg cadmus.script.ac
3 sync.1rx.io 3 redirects
3 ad.doubleclick.net 1 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 ads.pubmatic.com www.dailyfaceoff.com
cadmus.script.ac
ads.pubmatic.com
3 match.adsrvr.org live.primis.tech
ads.pubmatic.com
ssum-sec.casalemedia.com
3 ams3-ib.adnxs.com cadmus.script.ac
cdn.adnxs.com
3 acdn.adnxs.com cadmus.script.ac
3 imasdk.googleapis.com www.dailyfaceoff.com
cadmus.script.ac
3 hb.minutemedia-prebid.com edge.aditude.io
3 krk2.kargo.com edge.aditude.io
3 rtb.openx.net edge.aditude.io
3 hb.yellowblue.io edge.aditude.io
3 tlx.3lift.com edge.aditude.io
3 bidder.criteo.com edge.aditude.io
3 fastlane.rubiconproject.com edge.aditude.io
3 mp.4dex.io edge.aditude.io
3 prg.smartadserver.com edge.aditude.io
3 btlr.sharethrough.com edge.aditude.io
3 edge.aditude.io cadmus.script.ac
3 sb.scorecardresearch.com 1 redirects
3 dn0qt3r0xannq.cloudfront.net cadmus.script.ac
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.dailyfaceoff.com
cadmus.script.ac
2 www.googleadservices.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 secure.adnxs.com 2 redirects
2 ad.turn.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 p.rfihub.com 2 redirects
2 d5p.de17a.com 2 redirects
2 gum.criteo.com 1 redirects cadmus.script.ac
2 cdn.indexww.com ssum-sec.casalemedia.com
2 csync.loopme.me 2 redirects
2 b1sync.zemanta.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 dis.criteo.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 token.rubiconproject.com eus.rubiconproject.com
2 static.criteo.net cadmus.script.ac
static.criteo.net
2 sync.richaudience.com cadmus.script.ac
2 js-sec.indexww.com www.dailyfaceoff.com
cadmus.script.ac
2 id5-sync.com live.primis.tech
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 launchpad.privacymanager.io cadmus.script.ac
www.dailyfaceoff.com
2 tags.crwdcntrl.net cadmus.script.ac
www.dailyfaceoff.com
2 secure.cdn.fastclick.net cadmus.script.ac
www.dailyfaceoff.com
2 launchpad-wrapper.privacymanager.io cadmus.script.ac
www.dailyfaceoff.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 rtb.primis.tech live.primis.tech
2 prebid-server.rubiconproject.com live.primis.tech
2 config.aps.amazon-adsystem.com cadmus.script.ac
www.dailyfaceoff.com
2 script.4dex.io cadmus.script.ac
2 region1.analytics.google.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 polyfill.io cadmus.script.ac
2 connect.facebook.net cadmus.script.ac
2 www.google-analytics.com cadmus.script.ac
www.google-analytics.com
2 www.googletagmanager.com cadmus.script.ac
2 cadmus.script.ac www.dailyfaceoff.com
cadmus.script.ac
2 www.googletagservices.com www.dailyfaceoff.com
cadmus.script.ac
1 ads.playground.xyz 1 redirects
1 stags.bluekai.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 aax-eu.amazon-adsystem.com ads.pubmatic.com
1 eb2.3lift.com cadmus.script.ac
1 futbolsites-d.openx.net cadmus.script.ac
1 rr4---sn-4g5lznle.googlevideo.com
1 yt3.ggpht.com
1 mug.criteo.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 lb.eu-1-id5-sync.com live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 cdn.adnxs.com cadmus.script.ac
1 crcdn01.adnxs-simple.com cadmus.script.ac
1 s0.2mdn.net www.dailyfaceoff.com
1 cdn.jsdelivr.net cadmus.script.ac
1 www.google.com cadmus.script.ac
1 259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com cadmus.script.ac
1 1x1.a-mo.net
1 www.facebook.com
1 flowcards.mrf.io cadmus.script.ac
1 www.google.de
1 cdn.optmn.cloud cadmus.script.ac
1 sdk.mrf.io cadmus.script.ac
1 dailyfaceoff.disqus.com cadmus.script.ac
1 static.cloudflareinsights.com www.dailyfaceoff.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed live.primis.tech
496 152

This site contains no links.

Subject Issuer Validity Valid
dailyfaceoff.com
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2023-09-24 -
2024-10-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-06 -
2023-11-04		 3 months crt.sh
cdn.optmn.cloud
Cloudflare Inc ECC CA-3		 2023-10-05 -
2024-10-03		 a year crt.sh
aditude.io
GTS CA 1P5		 2023-10-26 -
2024-01-24		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-10-23 -
2023-11-22		 a month crt.sh
www.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-12		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 52 frames:

Primary Page: https://www.dailyfaceoff.com/
Frame ID: A25EB1C32791D90F17D5BE460D9A1D32
Requests: 278 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=113678&cbuster=1698444204448&cbuster=1698444204&pubUrlAuto=https%3A%2F%2Fwww.dailyfaceoff.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 3EF767291071D61BD400FB6111A7910C
Requests: 53 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: E44C5FED7A133ECE7365FC548E8491F4
Requests: 4 HTTP requests in this frame

Frame: https://259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D44F3F2CA70B47547F3F18F3A89B8E20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD59A58ADC9CCB1631CC287C7C52BBF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1691A6F182218071ADC6D3A6EA8CECDF
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvrsOEboDW5T5t5tuZ8EtGLdY-Z377sKbHCyc1GEsZBnoaJHQx0P7TS6IdOl3dnikSkJm63b12_zcrjyjCRyOYhVjNtMwf5AN4XhKxRawTcmUcHQIdTQcN-hKVod1YmB1eBhjafeyOmhDxmD5v3N1DsMeeE2OAuJNrz-cg6ReYWmJhphS9uogI0GvwfWQop6dcV85QfmGKkkSafRdYqOQXQZGSGb6j5WNKc3Pnrv0GtGe36esQ1s_kepD7O2FtkSyC-3PODais8W29FWrY9wcApQojkeNfG9hNQz9mK1KaaqgjQGRhrEGpSvuNS3gk7ieLqNOGeSqCDVRGQzMi_lyqPIuLpNJ9GfsUN6p_JSSIhvGPL22j0pTmytRg8yE4mg&sai=AMfl-YQd5-E3MX9bhtWD5pmW09AiGUHzsUyXw_WQzWc0k8UBlnIHgl5ALYfPvVkClED9mm_LWCIj6iFSWG0lPLqb3HyPqRm9fJxWW5SyGPAWBYxIkGRR2o8w7-t4IadO-3g77UWxp6yod4_k32XSo4E&sig=Cg0ArKJSzIjRQU5fY37MEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E46509403F6915027ABC86F0BCA288B0
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 5ECD8B613BD9C8FA7667A05CF1433546
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DBDE68A51E5B12C5B53EF88C09087F21
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7838&pub_id=997666
Frame ID: D4EFB462F17A64C4D9EB211A1AAEA619
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Frame ID: 3D525CB2B197CDCB56D126F9B5359B56
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 9980FADC6FCB5806F178151AB526A4C3
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 62247A9A07655EBA16200506B7B5099C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2A18BFBE1BC930EBAD3A7F1701718B1D
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailyfaceoff.com
Frame ID: 352A668A0686EB3B5EF8E0FB6928B136
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5103304C522DABFF960A202653198570
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 947E7B3C563B5EDDC606CFEE2A2ED839
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835
Frame ID: F5B0B322A3177C017721CCCA6ADBE1D4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 25C3B9D4E84753C3B2823A4CC95B5A47
Requests: 3 HTTP requests in this frame

Frame: https://futbolsites-d.openx.net/w/1.0/pd
Frame ID: 1922F7AA4246625F85817848C7DED998
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E30C5BC437DB3D782789B18C84FCD987
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5FBF1A5EAE365C622149B4A319BC42BE
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6C72469F03ADDEAC4B96DD9EB6D1EB11
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=30846396
Frame ID: 579775CB3EFFA0D02466ED78FA3348CE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13418490
Frame ID: EB9C875E81800B47160A30288986C594
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 20E19F21E03905652F543D9995CF4707
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B25261B6-EDE2-464E-8639-81237415D144&redir=true&gdpr=0&gdpr_consent=
Frame ID: AC61089678805C229E76FD289DB7282C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW
Frame ID: 2A5D03F39737E557AA36DD04AFC7A877
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8287462243405912418&gdpr=0&gdpr_consent=
Frame ID: 088BBE186889CF643D9F6690C926F7C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294762331752626332&gdpr=0&gdpr_consent=
Frame ID: 240C97C15F710E7FEDD6E073FB1C8CD1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: E39884D480EAF0FFC627C0DE5DC1BF56
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bc8HxRBXXpNR-zWPr5lWHS2NmE0&gdpr=0&gdpr_consent=
Frame ID: 140B5BF1BC8A87AD151ECB3EC06F2518
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTwzsQAACwH_FAAg
Frame ID: B9F69AB20054CD5454145112A3AE8A2D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9pU7KeGcAABduh9ukXg&gdpr=0&gdpr_consent=
Frame ID: EA44880AFD5AAC506F599892C7B676B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 3D0E853C774422D267A26A80A78B362E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU17cce391a7f648d1ba482c07500c3f38
Frame ID: E86486CA7D2CA056682DBDCEC55FAC94
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 5A3AF8626C70F6AA3FAA2E08DF76B3EC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DDEA5A49A4EBAB2943ADD8770E1AB641
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4935152712030784535
Frame ID: D67574646040E8107E489214003F0EAB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5C5A55FCD5D1B2716DCE7F02EAA7FBCE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329214744540
Frame ID: F2A7EF4B5CCFFD808F8A5C4D85BF2127
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 53B49038B7AFB6B2D1CA5615972ECA6F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 1D10DED0D6C74CA429802319286A5DD0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagVVUXXQYSQWjYYj&gdpr=0&gdpr_consent=
Frame ID: 32988E5354F853BA0F304F147F71AFCE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E06209DE72120ADD0A461948E0CF5F37
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 37BCC574FE986C08750ECAD097760BAD
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent=
Frame ID: FAABE6D69C8718C58AAD954368FD604B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E212B95F250ADB6B23E5F892E628EAF2
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 998CE48CE3FFF6E9375A051C7873DE88
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 202D4385196F1AA5386ACF5272DF611E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4FC39DCB3D064A649B7E8557A4C3A953&gdpr=0&gdpr_consent=
Frame ID: 927CCC2784C57D885CCF3CADF97DE3A6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003
Frame ID: C07E8C0343B0708783FC5CDA0612D194
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Starting Goalies, Line Combinations, NHL News, Opinion, and Analysis - Daily Faceoff

Page URL History Show full URLs

  1. http://www.dailyfaceoff.com/ HTTP 308
    https://www.dailyfaceoff.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

496
Requests

93 %
HTTPS

36 %
IPv6

99
Domains

152
Subdomains

110
IPs

13
Countries

6472 kB
Transfer

13262 kB
Size

115
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dailyfaceoff.com/ HTTP 308
    https://www.dailyfaceoff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 123
  • https://sb.scorecardresearch.com/cs/7161055/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 323
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 329
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENsLMD1oV4qw8WxmpZSrAfU&google_cver=1
Request Chain 331
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTwzr3PgpIElCasoWgOXSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUZvnAtLJuxpwr7zyBGo-4&google_cver=1
Request Chain 332
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTwzr3PgpIElCasoWgOXSQAA%263343&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTwzr3PgpIElCasoWgOXSQAA%263343&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b63a2fc8bd904a64816f4163a2633169 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PpDxrWPl599_UvvEwiKxZZfGmuW9sNUOXLjlaw HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PpDxrWPl599_UvvEwiKxZZfGmuW9sNUOXLjlaw
Request Chain 333
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=rnt1kAa0n2eG09etZIkK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343&tc=1
Request Chain 334
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZTwzr3PgpIElCasoWgOXSQAA%263343?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTwzr3PgpIElCasoWgOXSQAA%263343
Request Chain 335
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 336
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a1b8b12-ce9b-4c62-b5ba-1919f51b1ddc&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 341
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dailyfaceoff.com&sn=ChromeSyncframe&so=0&topUrl=www.dailyfaceoff.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=i39id3xvaC9jR2NDQzNKK1habFNMUlRPQWxYN1phOUlORU9hVTV0ODBPTXRlbzlKSGN6MldGK3lhbWxFdFFCSEVXUEVIYjdLV2dFdm1LQzNOdGQzbjZTcjlQK1JLa0RKMWcxQjBNWHBTVkhJdmJhUHFEUDhzVkJrc25OWUpTc3N2NENESU85K0IrK05Odk9TazZOaUtQc3lWaGpFT3I4THRwRjVqNXd0Vlh5RDdCWkZQYlBmTXoyT3ZVQXFPRis2ZFVXcWJoTHE0bU5mZGtzbWIxTWdpY29KaVlvMVVCRGt4ZXZkdldKT3RZeXpBWmdKdGk3TkI3U2d0UzBkZGc2Sk5iSDJPZjR4VmpVNjUxd1BYc1UwNkdTVEJZSjdNNWIvajFDY3RTWkdJZlJpY0VBWT18&cppv=2
Request Chain 365
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW
Request Chain 368
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8287462243405912418&gdpr=0&gdpr_consent=
Request Chain 369
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294762331752626332&gdpr=0&gdpr_consent=
Request Chain 370
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c8c7873d-751d-41d7-8ec2-a3e6b8637830&expires=1&user_group=2&ssp=pubmatic&bsw_param=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 371
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bc8HxRBXXpNR-zWPr5lWHS2NmE0&gdpr=0&gdpr_consent=
Request Chain 372
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTwzsQAACwH_FAAg
Request Chain 373
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEOXBVN0tlR2NBQUJkdWg5dWtYZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAD9pU7KeGcAABduh9ukXg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD9pU7KeGcAABduh9ukXg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAD9pU7KeGcAABduh9ukXg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2241806176921324299&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9pU7KeGcAABduh9ukXg&gdpr=0&gdpr_consent=
Request Chain 374
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 375
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU17cce391a7f648d1ba482c07500c3f38
Request Chain 376
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 378
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4935152712030784535
Request Chain 380
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329214744540
Request Chain 383
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0a55622d38d4c33c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JagVVUXXQYSQWjYYj%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JagVVUXXQYSQWjYYj%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagVVUXXQYSQWjYYj&gdpr=0&gdpr_consent=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=slJhtu3iRk6GOYEjdBXRRA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 386
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1064245090 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B25261B6-EDE2-464E-8639-81237415D144
Request Chain 387
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B25261B6-EDE2-464E-8639-81237415D144 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTAyYldFU3pEZnFTNi1VY3hUd211MUwwZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8955987516037424013&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjI1MjYxQjYtRURFMi00NjRFLTg2MzktODEyMzc0MTVEMTQ0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5y3aCKxvcXpCVUddbRxSo&google_cver=1
Request Chain 391
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8955987516037424013
Request Chain 396
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4294739934230002354&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 398
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5eab5d25-134c-4cbf-9beb-a7c140b66514&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 409
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8287462243405912418
Request Chain 410
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pd3CufmI1QWuVt5
Request Chain 411
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTwzsQAACwH_FAAg
Request Chain 412
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322329214744540
Request Chain 413
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=aa3f65c769374df89b1ce0ac593ef81a&expiration=1701036211
Request Chain 416
  • https://ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=4 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896;dc_pre=CKm7rd-dl4IDFarVEQgdjhsKeA;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=4
Request Chain 437
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 440
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4FC39DCB3D064A649B7E8557A4C3A953&gdpr=0&gdpr_consent=
Request Chain 441
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1698444214060 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1552421305 HTTP 302
  • https://sync.1rx.io/usersync/turn/4294739934230002354?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003
Request Chain 443
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B25261B6-EDE2-464E-8639-81237415D144&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B25261B6-EDE2-464E-8639-81237415D144&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 444
  • https://pixel.onaudience.com/?partner=214&mapped=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=6d76c542e1871a3f
Request Chain 445
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8287462243405912418
Request Chain 460
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CvF7jrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAGgBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&sig=AOD64_2bhkDBvvmc8Cop4nc__W1pltkaUw&client=ca-video-pub-1320774679920841&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ctype=110&label=video_10s_engaged_view&ad_mt=10225&nis=5&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAHABW6gBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&client=ca-video-pub-1320774679920841&ctype=110&label=video_10s_engaged_view&ad_mt=10225&nis=5&dblrd=1&sig=AOD64_30vVGKpi7dmm4ZeVDRRl-1GofRzQ&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1
Request Chain 478
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CvF7jrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAGgBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&sig=AOD64_2bhkDBvvmc8Cop4nc__W1pltkaUw&client=ca-video-pub-1320774679920841&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1&ctype=110&label=video_engaged_view HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAHABW6gBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&client=ca-video-pub-1320774679920841&ctype=110&label=video_engaged_view&dblrd=1&sig=AOD64_30vVGKpi7dmm4ZeVDRRl-1GofRzQ&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1

496 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dailyfaceoff.com/
Redirect Chain
  • http://www.dailyfaceoff.com/
  • https://www.dailyfaceoff.com/
109 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
e5b9953547fbf8a5b445207cf320f92a314fe18741b78e558aac727ddba6dff0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81ce3a9399565bf1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:24 GMT
server
cloudflare
strict-transport-security
max-age=63072000
x-matched-path
/
x-powered-by
Next.js
x-vercel-cache
HIT
x-vercel-id
fra1::cle1::4z5dg-1698444204124-6e76fcfe36f4

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
81ce3a933b1c9963-FRA
Connection
keep-alive
Content-Type
text/plain
Date
Fri, 27 Oct 2023 22:03:24 GMT
Location
https://www.dailyfaceoff.com/
Refresh
0;url=https://www.dailyfaceoff.com/
Server
cloudflare
Transfer-Encoding
chunked
image
www.dailyfaceoff.com/_next/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FUSATSI_21652704_168383996_lowres-scaled.jpg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2caa974d7665ec8b54d3068650888b9180502b015283f5b69fba9b6dadd2e46a
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
15534
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="USATSI_21652704_168383996_lowres-scaled.webp"
content-length
39658
last-modified
Fri, 27 Oct 2023 14:47:38 GMT
x-vercel-id
fra1::q2klw-1698428670694-fd0116a44d8b
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a93f98c5bf1-FRA
gpt.js
www.googletagservices.com/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcec6cc997aa70da604139ad55428aa079c0bb72f9c56bcd01bbd13ed35b130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29116
x-xss-protection
0
server
cafe
etag
288 / 19657 / 31079110 / config-hash: 13942866851986637457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:03:24 GMT
b61016db7bba411f.css
www.dailyfaceoff.com/_next/static/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/css/b61016db7bba411f.css
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e685bd4d9d9b602daff6f98766e32cedaa9e670d294adde5fc6ce662f2573d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
604299
content-disposition
inline; filename="b61016db7bba411f.css"
x-vercel-id
gru1::f887k-1695710856299-8e3e206cdac9
server
cloudflare
x-matched-path
/_next/static/css/b61016db7bba411f.css
etag
W/"98f629791e97eeef817b2d2a40fdc1ce"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a93f98e5bf1-FRA
script.js
cadmus.script.ac/dc19s0tq5ynbc/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923632cafec423acc02c425b1e733ba1f715391a67d36fec7c1d3156170d5c71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 16:39:42 GMT
server
cloudflare
age
0
etag
W/"df69c18a6b7ca223bebd3a6b46665609cb2af612"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81ce3a94a8565c14-FRA
4359.0dca074d69b5c18e.js
www.dailyfaceoff.com/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/4359.0dca074d69b5c18e.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0fbb77cd3405dbf120d958704831ca81e7d590b2f78431d20acd9493f124cb7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
364705
content-disposition
inline; filename="4359.0dca074d69b5c18e.js"
x-vercel-id
fra1::zvcr7-1698079499795-c5804f822dd0
server
cloudflare
x-matched-path
/_next/static/chunks/4359.0dca074d69b5c18e.js
etag
W/"b94f57d7cefbec7c728aed3e775572b1"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429af5bf1-FRA
8874.14854d1e7b28d510.js
www.dailyfaceoff.com/_next/static/chunks/ 		1 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8874.14854d1e7b28d510.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714b7407d185b4c1f3059d9443f90413edd4609012c36baac81d01992f913008
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
591133
content-disposition
inline; filename="8874.14854d1e7b28d510.js"
x-vercel-id
syd1:syd1::rnxx8-1683724598107-e3c268815689
server
cloudflare
x-matched-path
/_next/static/chunks/8874.14854d1e7b28d510.js
etag
W/"5b8691421cc0bb3a3a38ab57befea6dd"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b15bf1-FRA
webpack-24d93b2020f68661.js
www.dailyfaceoff.com/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/webpack-24d93b2020f68661.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466d845199969b74e099d521272075374d5cc1b1c28b94f3f6fa121ff0fe5926
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492083
content-disposition
inline; filename="webpack-24d93b2020f68661.js"
x-vercel-id
gru1::89j6c-1696950962766-dea9f0582a30
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-24d93b2020f68661.js
etag
W/"7a30e1439279370eb412b82af15d0820"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b35bf1-FRA
framework-dfb66ead2ff5a1a7.js
www.dailyfaceoff.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/framework-dfb66ead2ff5a1a7.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62315e238f1c1ec55dfce9202d2ecedd042d968075bc4646bcc3e20edd38c212
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427505
content-disposition
inline; filename="framework-dfb66ead2ff5a1a7.js"
x-vercel-id
syd1:syd1::s4jz8-1680015843557-52a19d86b4dc
server
cloudflare
x-matched-path
/_next/static/chunks/framework-dfb66ead2ff5a1a7.js
etag
W/"c3a219d9803d78cece2512476740b0c9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b45bf1-FRA
main-7533f0a615197612.js
www.dailyfaceoff.com/_next/static/chunks/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/main-7533f0a615197612.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e19f6dfb0cc5defd6d462aafce266c6f6bed63500aaa26225460ed08dd4ebf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427505
content-disposition
inline; filename="main-7533f0a615197612.js"
x-vercel-id
syd1:syd1::kjpkb-1680015842791-5c417ba9a9c2
server
cloudflare
x-matched-path
/_next/static/chunks/main-7533f0a615197612.js
etag
W/"b96b02cfa8a307c5a4955c30bc478fc2"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b55bf1-FRA
_app-cf9cf791326c77a6.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/_app-cf9cf791326c77a6.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030dc3d4c76a9e1455644574ca644448fffd8edf570ad08ca3cd88fd93f912fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
250506
content-disposition
inline; filename="_app-cf9cf791326c77a6.js"
x-vercel-id
fra1::qt2hs-1698193698562-234678bd3a3d
server
cloudflare
x-matched-path
/_next/static/chunks/pages/_app-cf9cf791326c77a6.js
etag
W/"34d04f56aa1f5d19bcebb4c70ac7089c"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b75bf1-FRA
6930-28017ead59698f50.js
www.dailyfaceoff.com/_next/static/chunks/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6930-28017ead59698f50.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4fec1eb01cadd69cae4a07801c7b799fae9dd2183f3a508da4636cc73e0247
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427505
content-disposition
inline; filename="6930-28017ead59698f50.js"
x-vercel-id
syd1:syd1::4t2xq-1680015842623-aae905f50a83
server
cloudflare
x-matched-path
/_next/static/chunks/6930-28017ead59698f50.js
etag
W/"85665c7eb739c264a41762ddf2fa1219"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b85bf1-FRA
9734-f5703dbf0a8e8472.js
www.dailyfaceoff.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/9734-f5703dbf0a8e8472.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7beb1d5568b1eb43005f615592c4cec893fee9c3253a6382a5fa7a415cf9bd79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2731404
content-disposition
inline; filename="9734-f5703dbf0a8e8472.js"
x-vercel-id
gru1::4ncnc-1695710437091-0fb86da53159
server
cloudflare
x-matched-path
/_next/static/chunks/9734-f5703dbf0a8e8472.js
etag
W/"806d243ff6531e39e69126088a06e15b"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429b95bf1-FRA
8865-011ceac6bb7d897c.js
www.dailyfaceoff.com/_next/static/chunks/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8865-011ceac6bb7d897c.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
212a077fc8d15db8bb5d801963a24f52542b8af89e59f5ee151c5fbbc1235dea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
250506
content-disposition
inline; filename="8865-011ceac6bb7d897c.js"
x-vercel-id
fra1::lf94w-1698193698986-e34c9930243b
server
cloudflare
x-matched-path
/_next/static/chunks/8865-011ceac6bb7d897c.js
etag
W/"7894cf96cf4df8f73f0223ccd7b69c2a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429bb5bf1-FRA
802-c672229d3ef35634.js
www.dailyfaceoff.com/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/802-c672229d3ef35634.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33db68ab9d17ea9fa1a0c8e2291be98094f621f0c12a664384aa4182a5a3715e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
592751
content-disposition
inline; filename="802-c672229d3ef35634.js"
x-vercel-id
gru1::d48l5-1695962704371-a68e6ac6cc08
server
cloudflare
x-matched-path
/_next/static/chunks/802-c672229d3ef35634.js
etag
W/"96b19d200e940914847fbbb6cb27bf70"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9429bc5bf1-FRA
837-d91ae1882e772479.js
www.dailyfaceoff.com/_next/static/chunks/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/837-d91ae1882e772479.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741108ae832e77a0bfb152fdd2923d055cf45f4332f60b32800c4fa609a90374
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2477861
content-disposition
inline; filename="837-d91ae1882e772479.js"
x-vercel-id
gru1::g49hc-1695962704355-6b110d81b9d1
server
cloudflare
x-matched-path
/_next/static/chunks/837-d91ae1882e772479.js
etag
W/"7adb9b689dd118078da5ed16ca1254a9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9439be5bf1-FRA
7798-fcb34c8ff1c5aa65.js
www.dailyfaceoff.com/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/7798-fcb34c8ff1c5aa65.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611507bbabf28ba655ff46a9c2f4e0f30b2865408636783d283a86d93189f429
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
250506
content-disposition
inline; filename="7798-fcb34c8ff1c5aa65.js"
x-vercel-id
fra1::cpf7r-1698193698985-9b2e95f5ca5e
server
cloudflare
x-matched-path
/_next/static/chunks/7798-fcb34c8ff1c5aa65.js
etag
W/"9ff1413cd2ba201a633d33c192b320d5"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9439c05bf1-FRA
index-fe53c655bf0aac0f.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/index-fe53c655bf0aac0f.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1400b94e62135a07b8794d3c7974d851cc2e914dc1d0fb93ba7f03c0b189e905
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2729244
content-disposition
inline; filename="index-fe53c655bf0aac0f.js"
x-vercel-id
gru1::sgxjq-1695710436997-81157ddac2ef
server
cloudflare
x-matched-path
/_next/static/chunks/pages/index-fe53c655bf0aac0f.js
etag
W/"392dca7f87cee6a6098d87ffafdc35f3"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9439c15bf1-FRA
_buildManifest.js
www.dailyfaceoff.com/_next/static/ikpOQznQlisf-MF_BF119/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/ikpOQznQlisf-MF_BF119/_buildManifest.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83769670204f19ffa20a92887cb9b00769927d0fc60b70c94252030941a56225
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
250506
content-disposition
inline; filename="_buildManifest.js"
x-vercel-id
fra1::hxgf7-1698193698565-8f7e6b3e69f0
server
cloudflare
x-matched-path
/_next/static/ikpOQznQlisf-MF_BF119/_buildManifest.js
etag
W/"295c7612442b1dc2b34ebd18d9bf92fe"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9439c25bf1-FRA
_ssgManifest.js
www.dailyfaceoff.com/_next/static/ikpOQznQlisf-MF_BF119/ 		629 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/ikpOQznQlisf-MF_BF119/_ssgManifest.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3ca049a956dcf79390d6ca118b1b631c705c905a987a1460e8175dc06f12b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
250506
content-disposition
inline; filename="_ssgManifest.js"
x-vercel-id
fra1::jl7kc-1698193698561-9772fa371449
server
cloudflare
x-matched-path
/_next/static/ikpOQznQlisf-MF_BF119/_ssgManifest.js
etag
W/"b92509ac4146e4ed34a176cfccdd25b9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a9439c45bf1-FRA
css2
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 21:00:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Oct 2023 22:03:24 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.dailyfaceoff.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
81ce3a945cf96907-FRA
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options
nosniff
age
342077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 23:02:07 GMT
standard.905db491.svg
www.dailyfaceoff.com/_next/static/media/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/static/media/standard.905db491.svg
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42e18ef245c24dc9fddc4634bb45e82da91636a80aeafee95cb13d9b739117c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4770397
content-disposition
inline; filename="standard.905db491.svg"
x-vercel-id
syd1:syd1::26zb6-1678417049333-6e6b3a49bf1a
server
cloudflare
x-matched-path
/_next/static/media/standard.905db491.svg
etag
W/"55f956c9d3b074f5688a54ff43de5191"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a949a0f5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F07%2FSE5_0843-scaled.jpg&w=256&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444648323745843fa6c9dbd51b320dfdacd718d27699d779310b87b92f5a27a2
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
25170
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="SE5_0843-scaled.webp"
content-length
13046
last-modified
Fri, 27 Oct 2023 12:55:05 GMT
x-vercel-id
fra1::msblm-1698419034814-8ecd88d99b77
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a949a165bf1-FRA
image
www.dailyfaceoff.com/_next/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FOilers-Flames_FINAL.jpg&w=256&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
660797c49f533020143df901172bae184da6973eadef65d29ecc4f69c55d1743
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
15534
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="Oilers-Flames_FINAL.webp"
content-length
12678
last-modified
Fri, 27 Oct 2023 17:41:03 GMT
x-vercel-id
fra1::6gwbz-1698428670754-6ad3104cc2dd
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a949a175bf1-FRA
image
www.dailyfaceoff.com/_next/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FDFSChartsOct27.png&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e67335c603ef9a7dc07cda3f956cf34ced7befb61dbd12374ae28bcf3682531
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
5551
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="DFSChartsOct27.webp"
content-length
31222
last-modified
Fri, 27 Oct 2023 18:46:08 GMT
x-vercel-id
fra1::7mkgz-1698438653465-6d1f83040c04
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a94aa1a5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FHartman-RyanMIN-2024.png&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050c0d9511bae6a567e94d1b81c5a673e64b32b308caa21167e4c5e61dc56082
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
26763
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="Hartman-RyanMIN-2024.webp"
content-length
46030
last-modified
Fri, 27 Oct 2023 14:27:29 GMT
x-vercel-id
fra1::l7qhw-1698417441419-0d5f64d8d9a9
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a94aa1c5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F04%2FUSATSI_20287301-1.jpg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55307baebb414e28a8a9efa6ab6792c4186925ed493b00017277f4f5f72b73a1
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
91833
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="USATSI_20287301-1.jpg"
content-length
45168
cf-bgj
h2pri
last-modified
Thu, 26 Oct 2023 20:32:51 GMT
x-vercel-id
fra1::h6xwq-1698352371152-4193a3695640
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a94aa1e5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2F9B1D0C45-5F5F-42D0-8F6B-E6134603ECE7.jpeg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94bd1dff2b8bf4be2d2f75bcf67e61029e5b53d75e4ea27e0c4356a98d45936
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
15533
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="9B1D0C45-5F5F-42D0-8F6B-E6134603ECE7.webp"
content-length
24710
last-modified
Fri, 27 Oct 2023 16:58:20 GMT
x-vercel-id
fra1::nthnv-1698428671225-982e87f76cf0
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a94aa1f5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2F3AFF57B5-25D7-44F8-BE82-015C38BDF2F5.jpeg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648a37cdb9a12dfff993e1cc6fada2f2ffad3f11863338175728b5b889015c55
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
94404
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="3AFF57B5-25D7-44F8-BE82-015C38BDF2F5.webp"
content-length
23038
last-modified
Thu, 26 Oct 2023 17:31:49 GMT
x-vercel-id
fra1::54vff-1698349800295-c306509dcdf1
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a94aa205bf1-FRA
image
www.dailyfaceoff.com/_next/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FC3610E3C-EA2C-4092-B0F9-2A8B0C2D0158.jpeg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d2abeb4371a352156672f104dc7c72e0e22b14a608f44d1eb31e44964b95b0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
183055
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="C3610E3C-EA2C-4092-B0F9-2A8B0C2D0158.webp"
content-length
26098
last-modified
Wed, 25 Oct 2023 17:14:43 GMT
x-vercel-id
fra1::87csj-1698261149566-d2e758549a79
server
cloudflare
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ce3a94aa225bf1-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fboston-bruins.88e539fd.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afbf2f12b4f81e325d436613f0994b0a25ce4dea459fd2a5fd20ca5d5b93d7fc
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911091
content-disposition
inline; filename="boston-bruins.webp"
content-length
6842
last-modified
Tue, 13 Jun 2023 17:40:49 GMT
x-vercel-id
gru1::b22vc-1686742758358-4c465d8dbdb9
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa235bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fbuffalo-sabres.ba67a2d8.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2f13a01b414123afd25f281e7f06ae7e99e9bc3774f74b8cd8b8a9695f61fc
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911091
content-disposition
inline; filename="buffalo-sabres.webp"
content-length
6362
last-modified
Sat, 17 Jun 2023 08:23:31 GMT
x-vercel-id
gru1::jvtmn-1687495162048-f431e8156d7f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa245bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdetroit-red-wings.113890ed.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7906dd8ee5297a81dfb6958ea188e72b1c889b2a162f67077476e2b3dcd43a24
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="detroit-red-wings.webp"
content-length
6276
last-modified
Mon, 21 Aug 2023 06:33:07 GMT
x-vercel-id
gru1::56gch-1694801751851-6766c06e0eee
server
cloudflare
x-matched-path
/_next/static/media/detroit-red-wings.113890ed.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa255bf1-FRA
image
www.dailyfaceoff.com/_next/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fflorida-panthers.67f4950b.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c185418c3c0126b6bdc8f4bdbbcac2699df371dc8932d29a23b17405ef4558
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
146547
content-disposition
inline; filename="florida-panthers.webp"
content-length
7914
last-modified
Sun, 22 Oct 2023 08:26:12 GMT
x-vercel-id
fra1::ll2h6-1698297657303-9d630cb4b60c
server
cloudflare
x-matched-path
/_next/static/media/florida-panthers.67f4950b.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa275bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmontreal-canadiens.ca64a529.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e415ce18d1c20134aa56944a491f4e954ebf91b77656ebef2433e52cf481265
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="montreal-canadiens.webp"
content-length
6020
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::xhts8-1686742758651-1c7bb9156ffd
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa285bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fottawa-senators.df9fa045.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d267b27ee5f06ff7c3409835a916da8cbfff5f4d0fd4f575d1420c855ff6fe5
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
582020
content-disposition
inline; filename="ottawa-senators.webp"
content-length
5886
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::b22vc-1686740024883-d498a00b98ff
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa295bf1-FRA
image
www.dailyfaceoff.com/_next/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftampa-bay-lightning.c651a731.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef6e3d20bdf9828968f99d6cadd764d147cf494947cbfdafdbb611760cb5d5a9
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="tampa-bay-lightning.webp"
content-length
8614
last-modified
Thu, 08 Jun 2023 20:10:04 GMT
x-vercel-id
gru1::79pv5-1686742758550-14e69c4c77e7
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa2b5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftoronto-maple-leafs.8688d30a.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e00fc9cfa7db225365e542d39be275242939d77efb176591250bb555692913
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
582019
content-disposition
inline; filename="toronto-maple-leafs.webp"
content-length
7312
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::vqtvn-1686744774496-db56e81e70a4
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa2d5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Farizona-coyotes.a0dc02ee.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd6d4008a513ebda17dab40bafc1ff439ac084bfee57e6e4259ea741bcf67f3
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
146547
content-disposition
inline; filename="arizona-coyotes.webp"
content-length
7036
last-modified
Sun, 22 Oct 2023 11:17:03 GMT
x-vercel-id
fra1::cnrsq-1698297657162-9acc6b62406f
server
cloudflare
x-matched-path
/_next/static/media/arizona-coyotes.a0dc02ee.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa2e5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fchicago-blackhawks.ee37f442.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d24e19854f8b2802d7d9c4a93b08ce89ebd2b544bade662b5dd59573969ecc9
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2472781
content-disposition
inline; filename="chicago-blackhawks.webp"
content-length
6664
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::xhts8-1686739443323-200c70bf4ed7
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa2f5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcolorado-avalanche.b7138c02.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb383daf5ac5f98ee1e961fe37ddf9f91e931bb1d0ab0bb07eb0b821e5ff8e11
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="colorado-avalanche.webp"
content-length
6298
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::c9vwm-1686742758387-54a18817cddc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa305bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdallas-stars.d5ec2749.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a22a3757060d4ec2f043ad5697391c3b189408f55395c733db8ddeeef5183e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="dallas-stars.webp"
content-length
5624
last-modified
Tue, 16 May 2023 18:57:17 GMT
x-vercel-id
gru1::mrvms-1686739948521-62f36d22f9da
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa325bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fminnesota-wild.72839331.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a464f656557d4f3533034f21ce23ce2fd1abfb82a2e43a7e4c7ee51e3fdca57
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911091
content-disposition
inline; filename="minnesota-wild.webp"
content-length
5366
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::mrvms-1686742758665-11b727928740
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa335bf1-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnashville-predators.76750da4.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a64265352b73d13aa9ad12d5e2a303bb4116082641468d8b2cbdf58acac90a1
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2472781
content-disposition
inline; filename="nashville-predators.webp"
content-length
6872
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::9p6dj-1686740668718-0f6e893a18fc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa365bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fst-louis-blues.9809041a.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e381e6206bcf05d9361a7a607f8746a696929868662a1189df33e5fae31fbbdb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="st-louis-blues.webp"
content-length
5798
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::jtzvq-1686740024891-9c882c70e016
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa375bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwinnipeg-jets.61d1cf52.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b9fdb121825cd610e3b74c681f5c2b8ff67c5dfdaff39db0c87c1d38aebe53
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
146547
content-disposition
inline; filename="winnipeg-jets.webp"
content-length
5948
last-modified
Sun, 22 Oct 2023 11:17:03 GMT
x-vercel-id
fra1::bfqbt-1698297657449-8ef1ce54992f
server
cloudflare
x-matched-path
/_next/static/media/winnipeg-jets.61d1cf52.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa385bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcarolina-hurricanes.b2eafb35.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7ee2a418043698daf720cd177a4f0b5172484a05fc604cc0294b099ed0c647
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
582019
content-disposition
inline; filename="carolina-hurricanes.webp"
content-length
5442
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::ltv4x-1686739443311-83d699e28afb
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa395bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcolumbus-blue-jackets.6342c43e.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79795edd32df5096ab7052f4d9c66d0fd6a5a515ca405792f56d0e334e71734
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="columbus-blue-jackets.webp"
content-length
6574
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::4kcl8-1686742758380-2aa142e97c23
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa3a5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-jersey-devils.efa88323.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224dec49965a4bc596215b09bff280e01af7361134187ccbcb09673de47a9715
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="new-jersey-devils.webp"
content-length
6478
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::lzqjz-1686740668615-4158e9208efc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa3b5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-york-islanders.e5861a8d.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5061a5007eb8d4180f555ba0848d0fe3f87928aec22825c7b76ee82f65fd4ffb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="new-york-islanders.webp"
content-length
6268
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::tdnl4-1686742758543-eead1de7c053
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa3c5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-york-rangers.3ba5ca3f.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7a3ac0e70919989eeb785a9022d521f2f62ccc60ad907db13b1d6a546e3950
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
146547
content-disposition
inline; filename="new-york-rangers.webp"
content-length
6028
last-modified
Sun, 22 Oct 2023 15:00:32 GMT
x-vercel-id
fra1::bfqbt-1698297657321-e2f38f559e8b
server
cloudflare
x-matched-path
/_next/static/media/new-york-rangers.3ba5ca3f.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa3d5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fphiladelphia-flyers.b02d81e7.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b2caa8dc8f84c85efa039743ebbc7331fa840f544671544345c601ae88c277
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="philadelphia-flyers.webp"
content-length
5312
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::79pv5-1686746290600-1960395618f4
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa3f5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fpittsburgh-penguins.e5b4fa3e.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81213e01b51d8d11f09d46a132fd11f9c8c1028e5d3d711254c4c05754623a7
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911091
content-disposition
inline; filename="pittsburgh-penguins.webp"
content-length
6420
last-modified
Mon, 15 May 2023 09:55:39 GMT
x-vercel-id
gru1::z5mst-1686740025345-21e6a4f0e176
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa405bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwashington-capitals.832b005a.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65dc10bdae421dcbb55ba2750df1d03f818100312c66e891cd89d8401033a795
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="washington-capitals.webp"
content-length
5994
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::lw9hf-1686744775147-4a3eef865e9e
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa415bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fanaheim-ducks.d68079e8.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98f395bb8929b75791c82b3ef51416bdee0a0b4ef9f7f1fa06793cd5ce77316
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="anaheim-ducks.webp"
content-length
5718
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::qlkj8-1686788333316-d04c5a3b23dc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa435bf1-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcalgary-flames.f2f92abb.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1818e9f455a694eff3539467735274a6be6d4355a6e47a6545e46d984df0187
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1786437
content-disposition
inline; filename="calgary-flames.webp"
content-length
6712
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::xhts8-1686740668630-aa2ccb97e2ce
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa445bf1-FRA
image
www.dailyfaceoff.com/_next/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fedmonton-oilers.633226bf.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b36491a598a385ee55fad7149712befe6be8f47eb58be511e560ee0bb2e3635
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2469630
content-disposition
inline; filename="edmonton-oilers.webp"
content-length
8256
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::9vmq9-1686788333507-69a5b93c226f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa455bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flos-angeles-kings.594c8b28.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a92be1a9cd1d6b36e5e9a8405ba52e0048926a2c29b785a1719a7a4f0c04bea
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2469629
content-disposition
inline; filename="los-angeles-kings.webp"
content-length
4812
last-modified
Sat, 17 Jun 2023 08:23:31 GMT
x-vercel-id
gru1::65frl-1687953204024-820d9afde48f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa465bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fsan-jose-sharks.fd532d67.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44555bbe54bd61ebd3bcd2046a94e52fdd95e054ecb24f93c758fb9a7387f531
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="san-jose-sharks.webp"
content-length
6466
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::qr8np-1686740025403-80da256981e6
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa485bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fseattle-kraken.9d4491a7.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd10b6dff01533ad0ad1a6d06296c246270001ed05b326d2d377ec219442f54
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911090
content-disposition
inline; filename="seattle-kraken.webp"
content-length
5610
last-modified
Mon, 15 May 2023 09:55:39 GMT
x-vercel-id
gru1::qr8np-1686740025535-8c76b81282ce
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa4a5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fvancouver-canucks.e4b10e26.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3536952a4a1c0a15e8ad6fe8993a2e7fbf2fde8bc537b4a77c8684aa6521da
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
147809
content-disposition
inline; filename="vancouver-canucks.webp"
content-length
6624
last-modified
Sun, 22 Oct 2023 09:00:53 GMT
x-vercel-id
fra1::rfdtx-1698296395724-c8fcf1fa1b0f
server
cloudflare
x-matched-path
/_next/static/media/vancouver-canucks.e4b10e26.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa4c5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fvegas-golden-knights.0e0640fa.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c5ff159e7d983540e9065f29ec868fa182eb199438e25bbf52a4d093682683
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2911091
content-disposition
inline; filename="vegas-golden-knights.webp"
content-length
5012
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::wvpjr-1686740025510-e15186d4b4a7
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa4d5bf1-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fplaymaker-logo.45e179eb.webp&w=256&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c36b426ba3041eaf0bbf7c9230e8feaf7c3e6a9b8a5c3e95b47780332ce87ee4
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3430771
content-disposition
inline; filename="playmaker-logo.webp"
content-length
6166
last-modified
Mon, 15 May 2023 07:56:03 GMT
x-vercel-id
gru1::t8ktk-1686742655233-3533ae7ba2bc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81ce3a94aa4f5bf1-FRA
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 27 Oct 2023 22:03:24 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid-load.js
dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/prebid-load.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248d:e000:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccc17794bb562f5d3003d7618d3f6e3815bb4da70e2a0b4e5dcead5784519288

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
8pm5Cv_cBYqpsNjYnuTtXCOqvGqtg8s1
content-encoding
br
via
1.1 e36fe0bdae95008c3ad3d675228af1aa.cloudfront.net (CloudFront)
date
Fri, 27 Oct 2023 21:19:49 GMT
x-amz-cf-pop
MXP64-P2
age
3176
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 13:59:37 GMT
server
AmazonS3
etag
W/"83d1e6b557cc59d34a9080eff1f14b0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
-sXLH1UPBN-Fr4m8pwxQkmRiId1XXI5AQ7Z3AVk1RYMpoPe7Kiw-qw==
count.js
dailyfaceoff.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyfaceoff.disqus.com/count.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
39
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 26 Oct 2023 19:17:55 GMT
Server
nginx
ETag
"653abb63-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
BqFkkmzlbk5z1Y3oM4szyazapCYPLE_0UjBAybtr2IvaD-iILoBx3Q==
gtm.js
www.googletagmanager.com/ 		206 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TB47RXZ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79e67e47de355ef95089f44e5c91930a1ea080548bb035188fc7bac736533783
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75119
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 Oct 2023 22:03:24 GMT
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=113678&cbuster=1698444204448
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bf3d8a50ea9662032b5e213d1dcb676b3129bc00ea3622bdac7f9ef00182e249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
wx5_MGp0cAQhC-3jtfBoAMSKIqM0_Y-SfV5K2cWnzBSHlMFCZmkezA==
rum
www.dailyfaceoff.com/cdn-cgi/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
application/json

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
81ce3a962b265bf1-FRA
four-surprise-teams-that-are-showing-green-flags-to-start-the-season.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/four-surprise-teams-that-are-showing-green-flags-to-start-the-season.json?slug=four-surprise-teams-that-are-showing-green-flags-to-start-the-season
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b572921812b7e72232b39687e746c15973e594211c223c5bd6158766cdfb2ee1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::97dj8-1698418849568-90c42662786a
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"z9j9ked55l7gi"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a969b685bf1-FRA
9534-e86df2f088a2406b.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/9534-e86df2f088a2406b.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1575644
content-disposition
inline; filename="9534-e86df2f088a2406b.js"
x-vercel-id
gru1::l97bx-1690499737111-3b8567c4f810
server
cloudflare
x-matched-path
/_next/static/chunks/9534-e86df2f088a2406b.js
etag
W/"0f8e4a4e7b71506d0051bc9abe971e8c"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb8e5bf1-FRA
6595-70557aa686731784.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6595-70557aa686731784.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427506
content-disposition
inline; filename="6595-70557aa686731784.js"
x-vercel-id
syd1:syd1::mtdbt-1680015842881-7cb2140754ee
server
cloudflare
x-matched-path
/_next/static/chunks/6595-70557aa686731784.js
etag
W/"5fc5cd10efe07b51e346a1c38c288514"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb8f5bf1-FRA
5935-987f64999aab59aa.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5935-987f64999aab59aa.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
249697
content-disposition
inline; filename="5935-987f64999aab59aa.js"
x-vercel-id
fra1::5kzlj-1698194507519-2a089a17d8d3
server
cloudflare
x-matched-path
/_next/static/chunks/5935-987f64999aab59aa.js
etag
W/"f202a2414de30c56bbcc4dbebb1a1f5a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb905bf1-FRA
8852-cb6876ee41f3648f.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8852-cb6876ee41f3648f.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
3113972
content-disposition
inline; filename="8852-cb6876ee41f3648f.js"
x-vercel-id
gru1::84dnv-1695328828290-9d1c7014537e
server
cloudflare
x-matched-path
/_next/static/chunks/8852-cb6876ee41f3648f.js
etag
W/"c4377bd48371f549a140c5f309b2f4f4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb925bf1-FRA
6932-fb9f10300a0440b6.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6932-fb9f10300a0440b6.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492083
content-disposition
inline; filename="6932-fb9f10300a0440b6.js"
x-vercel-id
gru1::qm4jl-1696950962789-0f6956ede05a
server
cloudflare
x-matched-path
/_next/static/chunks/6932-fb9f10300a0440b6.js
etag
W/"6e1c14d49c1a4dc5791dafaeeb5a5063"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb955bf1-FRA
8715-829ce80c7175ab12.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8715-829ce80c7175ab12.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492262
content-disposition
inline; filename="8715-829ce80c7175ab12.js"
x-vercel-id
gru1::jbv7f-1696951283321-37543f13ea78
server
cloudflare
x-matched-path
/_next/static/chunks/8715-829ce80c7175ab12.js
etag
W/"57ea8f61f10a35f06f60914dd52829c0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb965bf1-FRA
%5Bslug%5D-ab23c5c8074ca39e.js
www.dailyfaceoff.com/_next/static/chunks/pages/news/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492082
content-disposition
inline; filename="[slug]-ab23c5c8074ca39e.js"
x-vercel-id
gru1::jbhp5-1696950964263-f3dc53677876
server
cloudflare
x-matched-path
/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
etag
W/"03e31903743ef15b7ffa27f8b945b4e4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb975bf1-FRA
scott-maxwell.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/scott-maxwell.json?slug=scott-maxwell
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54fcb38f597d69363255918f56c83647802ccbc43cbaf4cd6aa198ea30785513
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::z54dh-1698419035809-94ea0622faaa
server
cloudflare
age
1802
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/authors/scott-maxwell.json
etag
W/"9hr5zmbrh94pz"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96ab6c5bf1-FRA
%5Bslug%5D-ad0d7229dab41a88.js
www.dailyfaceoff.com/_next/static/chunks/pages/authors/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/authors/%5Bslug%5D-ad0d7229dab41a88.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
250338
content-disposition
inline; filename="[slug]-ad0d7229dab41a88.js"
x-vercel-id
fra1::p5pn5-1698193866769-d3460d33d505
server
cloudflare
x-matched-path
/_next/static/chunks/pages/authors/%5Bslug%5D-ad0d7229dab41a88.js
etag
W/"8a73fadd234dc61ae5a246b4c47140ce"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb995bf1-FRA
projecting-usas-2024-world-junior-championship-roster.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		26 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/projecting-usas-2024-world-junior-championship-roster.json?slug=projecting-usas-2024-world-junior-championship-roster
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e50e6c72911f039e930dd45727136c161a1d5b9939aefc8a6a92d1b8525cf52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::256vl-1698418849573-0c792ee75ced
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"10im4min3tfkfq"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab6f5bf1-FRA
stevenellis.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/stevenellis.json?slug=stevenellis
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515f56f8b3cda6c2aba377ec9073722efbdf0772b2c7322e2047bc0a01883232
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::n95s9-1698411988195-80c11ca84bd4
server
cloudflare
age
1802
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/authors/stevenellis.json
etag
W/"ld74q2oc404pk"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96ab725bf1-FRA
flames-oilers-enter-heritage-classic-needing-something-anything-to-turn-season-around.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/flames-oilers-enter-heritage-classic-needing-something-anything-to-turn-season-around.json?slug=flames-oilers-enter-heritage-classic-needing-something-anything-to-turn-season-around
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f139fbcbee46376d1962aa24f994aa880a8ab736a1868ae29538b3d2398068
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::95wsr-1698428672387-6eca4ca483e8
server
cloudflare
age
342
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"17p6icktak5351"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab745bf1-FRA
huntercrowther.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/huntercrowther.json?slug=huntercrowther
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b799af9aeb4d9b136c55a2c3e130bd6ce7d094009a9680d02d6575ececcaeef4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::bg2rc-1698395651379-c70de630c343
server
cloudflare
age
1802
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/authors/huntercrowther.json
etag
W/"11483qc1co34nu"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96ab755bf1-FRA
is-the-erik-karlsson-experiment-in-pittsburgh-working-out.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/is-the-erik-karlsson-experiment-in-pittsburgh-working-out.json?slug=is-the-erik-karlsson-experiment-in-pittsburgh-working-out
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede96f7235536cf53e19694f7b688602ab6aa087b14b0526a854e54aab6a5602
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
fra1::cle1::t7ndg-1698438558945-b4b8db0b669a
server
cloudflare
age
344
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"14yjlnfekes39n"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab765bf1-FRA
the-dfo-rundown-ep-249-live-from-edmonton-for-the-heritage-classic.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/the-dfo-rundown-ep-249-live-from-edmonton-for-the-heritage-classic.json?slug=the-dfo-rundown-ep-249-live-from-edmonton-for-the-heritage-classic
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4f93f9b0859a75d23927946792ef524cd8211ecf05adc83e1e686fa6e69b85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
fra1::cle1::br68v-1698438547171-e25f75fe3f80
server
cloudflare
age
344
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"uw48eydrpn2lg"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab795bf1-FRA
toronto-maple-leafs-send-prospect-fraser-minten-back-to-whl.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/toronto-maple-leafs-send-prospect-fraser-minten-back-to-whl.json?slug=toronto-maple-leafs-send-prospect-fraser-minten-back-to-whl
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a4821f3a3f567daaeecd9056faeedb12611908bb9a9b9f5baadae5438b1169
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
fra1::cle1::8gv8r-1698435028748-f239c47de670
server
cloudflare
age
344
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"n8uu2akk5x2ln"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab7a5bf1-FRA
senators-thomas-chabot-out-4-to-6-weeks-with-fractured-hand.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/senators-thomas-chabot-out-4-to-6-weeks-with-fractured-hand.json?slug=senators-thomas-chabot-out-4-to-6-weeks-with-fractured-hand
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eed3f9a44f8265ab7239401f9917625bcfa9ced66220e43743145067012069a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
fra1::cle1::4s4k4-1698435028749-96729b68f40a
server
cloudflare
age
344
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"8y0bxquhyk3e1"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab7c5bf1-FRA
dfo-dfs-charts-10-27-23.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		17 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/dfo-dfs-charts-10-27-23.json?slug=dfo-dfs-charts-10-27-23
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dae096c3cdf083300d4fb6aa7487b87c5eba0ff39b10933cb680e50eee9117e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::n95s9-1698432597321-b2bce2b77d3f
server
cloudflare
age
344
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"11ypajszm3ed7i"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ab7d5bf1-FRA
betano-daily-bets-buffalo-sabres-moneyline-connor-bedard-shot-prop.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/betano-daily-bets-buffalo-sabres-moneyline-connor-bedard-shot-prop.json?slug=betano-daily-bets-buffalo-sabres-moneyline-connor-bedard-shot-prop
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6879cf6bc81539d5dd0f4c42bb43c2ce92e87cd830047f6791c91671b7288ea0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::x5dlf-1698426445141-bd97ddba744e
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"pz111c2wz82tl"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96bb7f5bf1-FRA
just-how-bad-have-the-san-jose-sharks-been-this-year.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/just-how-bad-have-the-san-jose-sharks-been-this-year.json?slug=just-how-bad-have-the-san-jose-sharks-been-this-year
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c88e7a03a4a35314629f22a775db537bcb111d5ca95c475fdb35883b850c0cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::s85hj-1698426446629-722abbacfc8d
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"11nzhq5tmsj3j8"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96bb825bf1-FRA
brock-seguin.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/brock-seguin.json?slug=brock-seguin
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93167d5a788d84153a48591535fedd2933ce6bac0cbc6b26dea9d666b72fb420
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::sgskv-1698438667682-960bc864d5df
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/authors/brock-seguin.json
etag
W/"su70adthz35we"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96bb855bf1-FRA
fantasy-hockey.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/fantasy-hockey.json?slug=fantasy-hockey
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a991f46b6a11a88cb67c2ef91c8c60ce64a75ab2ff7da0e3baa8aa95d2e90e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::rfcvf-1698438667683-9e9a920de903
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/categories/fantasy-hockey.json
etag
W/"frqg3hzt9669k"
x-vercel-cache
STALE
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81ce3a96bb865bf1-FRA
%5Bslug%5D-4f9a06131d4354e0.js
www.dailyfaceoff.com/_next/static/chunks/pages/categories/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2729244
content-disposition
inline; filename="[slug]-4f9a06131d4354e0.js"
x-vercel-id
gru1::sgxjq-1695710442719-48996a25e66b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
etag
W/"740547ad66f265974028a58ecf8e219f"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96bb9c5bf1-FRA
fantasy-hockey-weekend-streaming-targets-week-3.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		9 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/fantasy-hockey-weekend-streaming-targets-week-3.json?slug=fantasy-hockey-weekend-streaming-targets-week-3
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf384fe6f0a73346a440660c76ba82c3e9b384adbbf5cb95197bd658a7150db9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::l7qhw-1698417441693-c292e6a17e4f
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"11pfgwk2rlc7aq"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96bb875bf1-FRA
fantasy-hockey-daily-goalie-rankings-10-26-23.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/fantasy-hockey-daily-goalie-rankings-10-26-23.json?slug=fantasy-hockey-daily-goalie-rankings-10-26-23
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e7781590b033b135f5dd35660b0395e7d7d56b3a2fecd82d144fd0ead8b370
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::plgxv-1698350894183-f25f8b557a69
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"5xqakhx4yb5br"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96bb885bf1-FRA
nick-szeman.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/ 		7 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/nick-szeman.json?slug=nick-szeman
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42c0a4f26113d4c1846e1db418523468847edb2f9dd428a2dd49810bc3d4bdf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::zphh6-1698365159382-90214956d03b
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/authors/nick-szeman.json
etag
W/"cqb4m0rt8c5uk"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96bb895bf1-FRA
coltondavies.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/authors/coltondavies.json?slug=coltondavies
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6750e55727cb658d6e61e2031b2be140bad3ca2703278aaa2e9f04dfb15fb9b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::jzggd-1698428718560-58c9a530c450
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/authors/coltondavies.json
etag
W/"i1ioipbamz4p4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96bb8a5bf1-FRA
betting.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/betting.json?slug=betting
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f24863f9ca4da524603ea1ee73f4c1a139b4e9d9dcd2d4e87fb7d704779d56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::r9ms5-1698438667695-1fc17bf767b6
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/categories/betting.json
etag
W/"hfobbsjlnu6j7"
x-vercel-cache
STALE
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81ce3a96bb8b5bf1-FRA
betano-daily-bets-charlie-mcavoy-scott-laughton-shot-prop-parlay.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/betano-daily-bets-charlie-mcavoy-scott-laughton-shot-prop-parlay.json?slug=betano-daily-bets-charlie-mcavoy-scott-laughton-shot-prop-parlay
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf1cf8e4e22793e55296c30274d2f41f4d0452b39e0c1cbc01ad2a5086140f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::g8974-1698341591851-4a0442374f3b
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"11fodwlebrg3dt"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96bb8c5bf1-FRA
betano-daily-bets-new-jersey-devils-to-win-by-2.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/betano-daily-bets-new-jersey-devils-to-win-by-2.json?slug=betano-daily-bets-new-jersey-devils-to-win-by-2
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbb2049b6445858d9958a6aeb5043e600645aa955d3d0fa4d8a8198d3b71890
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::msmqx-1698257185810-ba962028fb5d
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"11pnjp5i0fp2hm"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96bb8d5bf1-FRA
index.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/index.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7374e903dffae4b243c3c74d03ad3a266c0ce0cc2e26851ea42238ced630c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::2msmw-1698436710082-f81d658e56d0
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/index.json
etag
W/"15uqbux0r0i5jt"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=120, must-revalidate
cf-ray
81ce3a96bb9e5bf1-FRA
fantasy-hockey.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/fantasy-hockey.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a991f46b6a11a88cb67c2ef91c8c60ce64a75ab2ff7da0e3baa8aa95d2e90e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
x-nextjs-matched-path
/categories/[slug]
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::blmq4-1698432918665-dd1c6af3b82d
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/categories/fantasy-hockey.json
etag
W/"frqg3hzt9669k"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81ce3a96bba05bf1-FRA
betting.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/betting.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f24863f9ca4da524603ea1ee73f4c1a139b4e9d9dcd2d4e87fb7d704779d56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::dtp9z-1698426458882-261f59d05c02
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/categories/betting.json
etag
W/"hfobbsjlnu6j7"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81ce3a96bba35bf1-FRA
shows.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/categories/shows.json?slug=shows
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee649a18fb07a5c076fa66c61321f6a5fe3d54b971a2b78dbbb83ab55dadfa56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::qnlfh-1698438667686-c5dc33d6703c
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/categories/shows.json
etag
W/"m1e9ouh6gp67t"
x-vercel-cache
STALE
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81ce3a96bba65bf1-FRA
nhl-weekly-schedule.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/ 		94 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/nhl-weekly-schedule.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea3b2fa1d671b8a073c7109f4bc263bbb246f2a51d767c99c1ef7d342879153
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::msblm-1698365159400-2174852387d7
server
cloudflare
age
3191
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/nhl-weekly-schedule.json
etag
W/"ktg0ogs3yc229z"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=14400, must-revalidate
cf-ray
81ce3a96cbab5bf1-FRA
374-afa99051b8f32278.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/374-afa99051b8f32278.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427503
content-disposition
inline; filename="374-afa99051b8f32278.js"
x-vercel-id
syd1:syd1::t6bhs-1680015846216-236217800763
server
cloudflare
x-matched-path
/_next/static/chunks/374-afa99051b8f32278.js
etag
W/"79f85b1db20e67f4343d8a6733d99904"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebcd5bf1-FRA
4151-9e344b2b9cae2770.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/4151-9e344b2b9cae2770.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4110016
content-disposition
inline; filename="4151-9e344b2b9cae2770.js"
x-vercel-id
gru1::mkj9x-1694128394807-0162f6d5ee8e
server
cloudflare
x-matched-path
/_next/static/chunks/4151-9e344b2b9cae2770.js
etag
W/"f3199da89ac97ea9259d3a8d2ac83f8e"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebce5bf1-FRA
nhl-weekly-schedule-bac0295831efb757.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		0
590 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4110016
content-disposition
inline; filename="nhl-weekly-schedule-bac0295831efb757.js"
x-vercel-id
gru1::v4qqq-1686742631797-4df456b677c8
server
cloudflare
x-matched-path
/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
etag
W/"59330b45e2f3cbcfa841df73b8ee8cbd"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebcf5bf1-FRA
hockey-player-news.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/ 		30 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/hockey-player-news.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ab6f42a961d8f55f5039531c55d9842979c735ee6ebb20d9f49d03a36bc1b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
fra1::cle1::65xf5-1698443323526-8814708c2bb4
server
cloudflare
age
881
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/hockey-player-news/[[...params]].json
etag
W/"t5zhgmp88znk7"
x-vercel-cache
STALE
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96ebc45bf1-FRA
5761-ac0d245560f2ff39.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5761-ac0d245560f2ff39.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
7092518
content-disposition
inline; filename="5761-ac0d245560f2ff39.js"
x-vercel-id
gru1::qgw56-1691351103500-e9b0e208b310
server
cloudflare
x-matched-path
/_next/static/chunks/5761-ac0d245560f2ff39.js
etag
W/"83c50bee50173b8347bcbab533cae47a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebd05bf1-FRA
%5B%5B...params%5D%5D-795bc57b69ba0e69.js
www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4110016
content-disposition
inline; filename="[[...params]]-795bc57b69ba0e69.js"
x-vercel-id
syd1:syd1::gc8nt-1683565450942-0c6f25c4e39b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
etag
W/"af9da9f039217d60eaf6f803c8c41149"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebd15bf1-FRA
starting-goalies.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/ 		28 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/starting-goalies.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be61b415cff21e9526255f6e8478bfafe2179ed108a12aea9a40f814092b2af4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::zxrl6-1698443770326-fa2ba66caecd
server
cloudflare
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/starting-goalies/[[...date]].json
etag
W/"13gip4xebdhmes"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=120, must-revalidate
cf-ray
81ce3a96ebc85bf1-FRA
878-2455321700c408f9.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/878-2455321700c408f9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2759213
content-disposition
inline; filename="878-2455321700c408f9.js"
x-vercel-id
gru1::ck8tk-1695683989238-0ec26c7549ec
server
cloudflare
x-matched-path
/_next/static/chunks/878-2455321700c408f9.js
etag
W/"5b098f564887aced852856f218635be0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebd35bf1-FRA
%5B%5B...date%5D%5D-a74aa9694d5b8077.js
www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1468244
content-disposition
inline; filename="[[...date]]-a74aa9694d5b8077.js"
x-vercel-id
gru1::vj9dp-1696975531369-acddbf8e89c1
server
cloudflare
x-matched-path
/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
etag
W/"e5f481a3ed6a71a71004c4bd6062fc75"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a96ebd45bf1-FRA
teams-39d84c01efe361c5.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/teams-39d84c01efe361c5.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
582126
content-disposition
inline; filename="teams-39d84c01efe361c5.js"
x-vercel-id
gru1::6h5hx-1691351101531-a2b9c4bdfb5e
server
cloudflare
x-matched-path
/_next/static/chunks/pages/teams-39d84c01efe361c5.js
etag
W/"d17e5b4e50ef3573be47d9477cc64ac2"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a970be75bf1-FRA
2024-fantasy-hockey-draft-kit.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/news/2024-fantasy-hockey-draft-kit.json?slug=2024-fantasy-hockey-draft-kit
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374ec0bc6ed4dbe80d5b50ab1df72969a871ee0bf6213c7f6e378144b8702ce3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
x-nextjs-matched-path
/news/[slug]
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::cfqbq-1698194930644-73466294e143
server
cloudflare
age
344
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/news/[slug].json
etag
W/"10r13vo2d5b9if"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81ce3a96ebc95bf1-FRA
projections.json
www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/ikpOQznQlisf-MF_BF119/projections.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856b8e5613167bc024c5fd800987c0cd296c9244a1f5eb6e58fe07023c02aca2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::cvn69-1698194930648-6fa8d41d4669
server
cloudflare
age
1247
x-matched-path
/_next/data/ikpOQznQlisf-MF_BF119/projections.json
etag
W/"12i01taal322tv"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81ce3a96ebcb5bf1-FRA
projections-55fc3d09697af711.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/projections-55fc3d09697af711.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
137495
content-disposition
inline; filename="projections-55fc3d09697af711.js"
x-vercel-id
fra1::65rrv-1698306709016-32dce8d23cd0
server
cloudflare
x-matched-path
/_next/static/chunks/pages/projections-55fc3d09697af711.js
etag
W/"9ac59e13eaed3ad159a8f5e412c5782d"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3a970be85bf1-FRA
js
www.googletagmanager.com/gtag/ 		259 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f4992265a6b21572af609055b8b9a5ee935be537d48b47275d500c9e7a7277d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89612
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 27 Oct 2023 22:03:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 27 Oct 2023 21:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
822
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 27 Oct 2023 23:49:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e2e5c32b1e1de0fb17834f86fb384a14e2dd0d4acd1a70221c1d27dbe0020ab
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 27 Oct 2023 22:03:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54209
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
VIbCpxU8/ImSWLjakzY6n3RYPn+5ISAlz85T9S/Kvv0F/1EqZV2QT3rrKYrKyYbLt23hpZ3GHYqsVEB8OEF1jg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/7161055/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Server
18.165.242.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-242-110.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 07:18:34 GMT
content-encoding
gzip
via
1.1 c0d3087d57a8a55d4c0bfa30ec3ed778.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-P6
age
53464
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
PRzYiGgdsJTNhrWJgTIy70uLD88YBmwUa8AcTiq35pCpMVkUvQZ4Dw==

Redirect headers

date
Fri, 27 Oct 2023 22:03:24 GMT
via
1.1 c0d3087d57a8a55d4c0bfa30ec3ed778.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
LHR61-P6
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
G88jQ3fw2C18YCdPA0H_OBAc6BY-VWQjfy2jBUfkPqX47_UGjhhPmA==
marfeel-sdk.js
sdk.mrf.io/statics/ 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc50b0daca7448b2b0a0f709545ae0f964555d05ca2fd5e9cff5b22577aea292

Request headers

Referer
https://www.dailyfaceoff.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
60
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
content-length
35526
x-response-time
1ms
last-modified
Fri, 27 Oct 2023 22:02:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
81ce3a976dc535f8-FRA
playmaker-adapter.js
cdn.optmn.cloud/hb/ 		220 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optmn.cloud/hb/playmaker-adapter.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54934e516d59ec5ca986e291c5445907c9db651e73988fe1c50fac7a813aaec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Oct 2023 18:57:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5302
etag
W/"c67af06fc5c07a5049ea35b5ddb0efbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhSrGqOH9o336BBpmFd94PUA7JXRZB5MNhfbzQ6CmXe9Z0I%2BFkYz6oGwkw8zB%2FYUnfsCgOP%2FPWanvxfs2eTNZTlZZZp1Sf06QPjTx%2FuY0mRlHKFX3hX4LyzuDKpf0IRjVBR2gEEHtjmPeMdtSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
81ce3a97ad0d9b5d-FRA
alt-svc
h3=":443"; ma=86400
liveView.php
live.primis.tech/live/ Frame 3EF7 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=113678&cbuster=1698444204448&cbuster=1698444204&pubUrlAuto=https%3A%2F%2Fwww.dailyfaceoff.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bb7be030a24340f6fb74fd40e72a48819cad39e56305df75a4e9fc68fb0c4f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
zPrrLPHm4QQQdK0xifmtC1SZK1dEBJDU3CutBQ38j4NJADgh0nh6qA==
prebid-wrapper.js
dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		282 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/prebid-wrapper.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248d:e000:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d6aa5b4c845b8f9ff6d96aa75daf97e312f5c81a96f442a379c30c08a4c6bec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:26:03 GMT
content-encoding
br
via
1.1 e36fe0bdae95008c3ad3d675228af1aa.cloudfront.net (CloudFront)
x-amz-version-id
WorppPZwRttaBRv0y_9nG8Js9M72FXsf
x-amz-cf-pop
MXP64-P2
age
2242
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 13:59:37 GMT
server
AmazonS3
etag
W/"a9dae0a6f7b4aa4e6e87195b342fbdbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
kp53LLBcZlS4afMe6WJBU8yHYtnJ9zSuCSMW0EKkSAmME6a0ct8Mww==
7.54.3.js
edge.aditude.io/prebid/ 		473 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3d77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa3741725a3cfac0fde7e55903de1c4b18765636f546bcc8651523e617c3a0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::j5pwj-1695662424961-d2dab442fc88
server
cloudflare
age
103295
x-matched-path
/prebid/[version]
etag
W/"7633e-73pfTwm4qFCORV1h7209CNi5R9o"
x-vercel-cache
HIT
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2678400
cf-ray
81ce3a97ebee9244-FRA
polyfill.min.js
polyfill.io/v3/ 		101 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 27 Oct 2023 22:03:24 GMT
age
1251822
detected-user-agent
Chrome/118.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/118.0.0
content-type
text/javascript; charset=UTF-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
config.json
edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		24 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/config.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3d77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496913b9c2146703e5452254e115bfa25d1e6e690138448ed9a47757c8fa6826
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
6795
x-vercel-id
fra1::cle1::wgmwq-1698264226009-b7a227c06a43
server
cloudflare
x-matched-path
/wrapper/[publisherKey]/[wrapper]/config.json
etag
W/"18-c7MPOkhj4yubxCBneOJNcIbelYo"
x-vercel-cache
MISS
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300, stale-if-error=3600
cf-ray
81ce3a97edc19b52-FRA
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1222580907&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&ul=en-us&de=UTF-8&dt=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=1874596510&gjid=2009253183&cid=137208439.1698444205&tid=UA-2397777-11&_gid=358730730.1698444205&_slc=1&gtm=45He3ap0n81TB47RXZv77098108&gcd=11l1l1l1l1&z=1178644635
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2397777-11&cid=137208439.1698444205&jid=1874596510&gjid=2009253183&_gid=358730730.1698444205&_u=YGBAgAABAAAAAG~&z=543575152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 27 Oct 2023 22:03:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
deflate.min.js
live.primis.tech/main/js/ Frame 3EF7 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:08 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64db4a50-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
d8wpg6Bal89S1kcLpUtf9pWh19VdNH8YtiFNHXaAs_KrcFla6UMSjA==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame 3EF7 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64d0ac41-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
XcWfYprA7fWdyXNE4eTCeXRgx8m0YbAtYOKhBoglhB5Ow3vlT18aXA==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame 3EF7 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64d0ac41-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
vjztYGydelFzw0arkHQvVecHKFmec7dJOJfgje-1MxQ0U9RoiIxCnA==
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 3EF7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
kl6Mn-Pyvd11EIPedxKgIvL1iSETC6hlZXkOwCSo1Rmcm2C2xCt6Xg==
expires
Sat, 26 Oct 2024 22:03:24 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 3EF7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
3bO5yMpDmATcZQaE04eKjYrpek5SGReo_RFOCVboLEACBLneitA9RA==
expires
Sat, 26 Oct 2024 22:03:24 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 3EF7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
sm3Q95-NGsTCzA83FpEg32h7xI2hp_XMU2XyA0rXH__9NUbYzO0eRQ==
expires
Sat, 26 Oct 2024 22:03:24 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 3EF7 		258 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
QkPbE74-3pgOhIjGIIUih6b_62pAzSQhAHKEC62XMQXpShFie84UtQ==
expires
Sat, 26 Oct 2024 22:03:24 GMT
prebidVid.7.16.0_15.min.js
live.primis.tech/content/prebid/ Frame 3EF7 		524 KB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3de7b02c8eb7669f21ac1831b7f1177c51689ffa3bc2175e40f91a90d4868af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 10:11:39 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"651be8db-82f55"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
FLr7OAkr72foxIihn88kYVT7A3GZVk-hTtXLP9Jin2HYNISEUASWVg==
expires
Sat, 26 Oct 2024 22:03:24 GMT
liveVideo.php
live.primis.tech/live/ Frame 3EF7 		660 KB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2951823ac94f74528fc366f147a6953c5cf0748e46af7f5a49a3e45bf87ff0c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
5FEybm3giN0piOq6jrKRAT4MbjZ83jun-4Ncd7MQaT0lL3NL0WEGdQ==
1721740624799960
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1721740624799960?v=2.9.136&r=stable&domain=www.dailyfaceoff.com
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2995971231b162fc5ed1a7125c1703948b221f3175a027721b3306900dfa503d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 27 Oct 2023 22:03:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36693
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
+5QpBd1z04DF4IawHQij11iFVwOw6IFgHhytMBNgENuUIDrMsCQ4wmQjKg3KmO7uIKTNLp9q90fTXtu0VsDqOA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WYFDLPLCRR&gtm=45je3ap0v894180707z877098108&_p=1222580907&_gaz=1&gcd=11l1l1l1l1&cid=137208439.1698444205&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698444204&sct=1&seg=0&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dt=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WYFDLPLCRR&cid=137208439.1698444205&gtm=45je3ap0v894180707z877098108&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WYFDLPLCRR&cid=137208439.1698444205&gtm=45je3ap0v894180707z877098108&aip=1&z=1983074491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		126 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
info.json
edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		121 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/info.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3d77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d46e748a88ff7a7d8778dfe7b7e8a1040a855addf48938cde30f750558f2da4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
9372
x-vercel-id
fra1::cle1::jps6d-1697490656383-01dd6d32a8cb
server
cloudflare
x-matched-path
/wrapper/[publisherKey]/[wrapper]/info.json
etag
W/"79-YGcnj/6MjI6e1mH2iMSFIvikHi0"
x-vercel-cache
HIT
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800, stale-if-error=3600
cf-ray
81ce3a995ebf9b52-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/ 		422 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f6a0baf7dbbc5ac8a75e413c851d73bb484b8d368f02c28ab08865b98b3b3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 18:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13046
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135481
x-xss-protection
0
server
cafe
etag
17406217098004719733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 26 Oct 2024 18:25:59 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
205 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 27 Oct 2023 22:03:25 GMT
age
1251822
detected-user-agent
Chrome/118.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/118.0.0
content-type
text/javascript; charset=UTF-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
ad-server.f06b7d14f042cb1c6a9d.plugin.js
dn0qt3r0xannq.cloudfront.net/plugins/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/plugins/ad-server.f06b7d14f042cb1c6a9d.plugin.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:248d:e000:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:47:55 GMT
x-amz-version-id
PRTVYtpyha4k.P3NdVDovqmJduxN_4Sj
content-encoding
br
via
1.1 49ec54bc2d288bd780ce5a03e75382a8.cloudfront.net (CloudFront)
age
54931
x-amz-cf-pop
MXP64-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 26 Oct 2023 19:20:33 GMT
server
AmazonS3
etag
W/"c01fcb7ef1d8b67911dcde694106550a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
mz5xNQ4_MMeQod9r8n_2xE99yFQeIx1ZFUtgSiCJk1Pjlg9by_J29A==
apstag.js
c.amazon-adsystem.com/aax2/ 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:35:36 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, ZRH50-C1
age
1670
x-amz-server-side-encryption
AES256
etag
W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iYmcEx8Im7s-HlGE6jOIxoOcq89K7qETIf2e-4FIoLvXmiBnBqhmFA==
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=7161055&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1698444205218&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.242.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-242-110.lhr61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
via
1.1 c0d3087d57a8a55d4c0bfa30ec3ed778.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
LHR61-P6
x-amz-cf-id
Eq0s_bezMHrXjH6RPQ_yQUBzA0CB2xVY-aIEVUCcuYV5cifirH0SYg==
x-cache
Miss from cloudfront
experiences
flowcards.mrf.io/json/ 		124 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/experiences?site_id=294&client_id=f0e51c08-a3d0-4449-913d-0b75bb5832ba&user_type=0&canonical_url=https%3A%2F%2Fwww.dailyfaceoff.com&referrer=&recirculation_source=&previous_page=&geo=__INJECT_GEO__&session_duration=1&pageviews=1&first_visit=1698444204&page_technology=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98ec9a89e3a60b3cbd15d43724c922ec5b3864e2eddf211f1f51263b7c3327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
5
accept-ranges
bytes
cf-ray
81ce3a9b2846bbc8-FRA
alt-svc
h3=":443"; ma=86400
content-length
119
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 23 Oct 2023 08:11:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
391871
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDbjAJg1s56%2FXSNEkE%2B7CiuEFWAQEfzUMPzKmIk1544njaxdKaIc6U2MZCpr26hXd9GBKscwK1Rh0gVy%2FOJOBqU4Ptujl51COwnpR6%2FilPThjgImWIyav5LItzSuM3c%2F8FgH7x2j%2FEce9jMe"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
81ce3a9b0b1dbb32-FRA
prebid
ib.adnxs.com/ut/v3/ 		143 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
af73bc60ca28a31d86c8090b69c684f6a07ee624b4a048efd5af4cd49604586e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
an-x-request-uuid
be9571eb-e864-420b-ac27-52c466d9a654
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.163.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-163-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:25 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.3
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c718009cf83f5b2de9ccc52e7b8d0c7f8ad3dcfb965a6ac190ec346a4901fc3f

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 27 Oct 2023 22:03:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyfaceoff.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2490
/
shb.richaudience.com/hb/ 		4 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81ce3a9b2f0c37da-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=405436&zone_id=2272718&size_id=15&rf=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.domain=dailyfaceoff.com&tg_i.page=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.pbadslot=%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right--pb-slot-right-1&tk_flint=pbjs_lite_v7.54.3&x_source.tid=c43223e6-eeda-4b25-b274-81930561a4de&l_pb_bid_id=1688492009f954&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c43223e6-eeda-4b25-b274-81930561a4de&rp_maxbids=1&slots=1&rand=0.22635822267466033
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c83b9857077961a37ae8bdf9d1387abe6f1dcbe9de7d476271bb2c73c6af675

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
387
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=81992551008&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		145 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ee518897d1c978ec75514fa74f4250ac3ee6164bc9625ba044042276d07c8fcd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
an-x-request-uuid
cbbde469-a74f-48cf-9a0e-26b516af293e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.243.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-243-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-multi
hb.yellowblue.io/ 		84 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
da97b58476f441539800577d0d4e1a5940c63ace844961be0993e1a0ba999fee

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
prebidjs
rtb.openx.net/openrtbb/ 		53 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
00a54e9d080a2f18c8af7ef85a96f6c25f4cb17352f050ff91abb37cbb606065

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=923189
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b61c56f7865331545d46697d49e6f08ecf17aec054fb4765394c685d72b8c82

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxuX1cNrwWVzrS8w5AQf3cSZQlqInDfOC5kBJB2a%2FlV%2Fe%2FEnxgLPXH2Qq8sUop%2FoV8vtwLvR5aRC2wy%2FUvLsRp%2B%2FWsyJhnNVQFysoILCG21Ed15mGnNeZLT3rStTGuiKpbwjMrT4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ce3a9b7965bbd4-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		21 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3b5c22b1f5551a2c3481a1f3ee1aa6f5e6525598423350ce528f075ac2f240f4

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
146
content-length
4888
prebid
krk2.kargo.com/api/v1/ 		0
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.229.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-229-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
3093a5eb02b0d59e0510730bb6b6a8515942fe212b9ccd5e85ed9cab9266caec

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1721740624799960&ev=PageView&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&rl=&if=false&ts=1698444205322&sw=1600&sh=1200&v=2.9.136&r=stable&ec=0&o=4126&fbp=fb.1.1698444205314.1437328195&cs_est=true&ler=empty&it=1698444204876&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 27 Oct 2023 22:03:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"647db3ea-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
sghSpab8z_RquwoZqZAYYoqyun5vrpjJFN4SKu2MA7P8V7MOkO63TQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3EF7 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:35:36 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, ZRH50-C1
age
1670
x-amz-server-side-encryption
AES256
etag
W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
MMGsbyWy8ufxtnglKGBB6ONFbDT5Ry9F38jnUwsRAECY2Yrh5bB4cA==
css
fonts.googleapis.com/ Frame E44C 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 20:59:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Oct 2023 22:03:25 GMT
css
fonts.googleapis.com/ 		2 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 21:08:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Oct 2023 22:03:25 GMT
liveView.php
live.primis.tech/live/ Frame 3EF7 		139 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTNvMWFyMmNwYTZvNTU4MTMmMDE4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV6WWcGnFcUTXcZMxUlWWcVMU9ERXcNrxF4T0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UZmBOREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1T0RZME1En3yNQXA5Ly81pF9JSGUmX2RMpUqEREkapzRMTzysWauPYVJRWFE4S2gToVRPTGxjo0EzqzyxX2NioaRyoaRsnWQ9Mmp4MTt5MlZ2nWRsY29hqGVhqF9xZXNwPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X3RcqGkyPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMlZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTNwMmNuY2I2ODt3JzNvqXN0ZXI9MTY5ODQ0NDIjNTU4MvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
21eec8e1c1f559cc6e31e5077ac9d5596162f36d38a13273274ca5e107e32de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
13504
x-amz-cf-id
CeKibk_JJXiOHN0QQtgtY9I-ZVO-nQ80jqd4HpOfJmiOtjuRvloHgg==
liveView.php
live.primis.tech/live/ Frame 3EF7 		64 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTNvMWFyMmNwYTZvNTU4MTMmMDE4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV6WWcGnFcUTXcZMxUlWWcVMU9ERXcNrxF4T0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UZmBOREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1T0RZME1En3yNQXA5Ly81pF9JSGUmX2RMpUqEREkapzRMTzysWauPYVJRWFE4S2gToVRPTGxjo0EzqzyxX2NioaRyoaRsnWQ9Mmp4MTt5MlZ2nWRsY29hqGVhqF9xZXNwPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X3RcqGkyPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMlZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTNwMmNuY2I2ODt3JzNvqXN0ZXI9MTY5ODQ0NDIjNTU4NvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6de70cd3ab2a39395bf25cfc37abd5994e25c9be96e73de4d0dfe60c635630af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
8480
x-amz-cf-id
5UDVyjBfalQ61bbBV1KbObdLTvg9csnsp1M0a-urIYJf2Q12nMJykg==
liveView.php
live.primis.tech/live/ Frame 3EF7 		157 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTNvMWFyMmNwYTZvNTU4MTMmMDE4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV6WWcGnFcUTXcZMxUlWWcVMU9ERXcNrxF4T0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UZmBOREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1T0RZME1En3yNQXA5Ly81pF9JSGUmX2RMpUqEREkapzRMTzysWauPYVJRWFE4S2gToVRPTGxjo0EzqzyxX2NioaRyoaRsnWQ9Mmp4MTt5MlZ2nWRsY29hqGVhqF9xZXNwPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X3RcqGkyPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMlZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTNwMmNuY2I2ODt3JzNvqXN0ZXI9MTY5ODQ0NDIjNTU4NlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cfebadc922e70c97b28be4d1cf1e3c4d8798c8111594f2dc38852fae9b7f8641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
14768
x-amz-cf-id
2mrqQJWDdSFA7qeP_yQ0B7YmQakIPrJ-WUCKJIT7CNAEZATFLUac3g==
liveView.php
live.primis.tech/live/ Frame 3EF7 		148 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTNvMWFyMmNwYTZvNTU4MTMmMDE4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV6WWcGnFcUTXcZMxUlWWcVMU9ERXcNrxF4T0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UZmBOREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1T0RZME1En3yNQXA5Ly81pF9JSGUmX2RMpUqEREkapzRMTzysWauPYVJRWFE4S2gToVRPTGxjo0EzqzyxX2NioaRyoaRsnWQ9Mmp4MTt5MlZ2nWRsY29hqGVhqF9xZXNwPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X3RcqGkyPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMlZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTNwMmNuY2I2ODt3JzNvqXN0ZXI9MTY5ODQ0NDIjNTU4OCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
55a4a6d06759abb4e7a6d1768597d7c40f333677b71f273280c9dc0a04d7197b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
14104
x-amz-cf-id
SOlJekByZi0Wg_sU6C90KaJr41cw2Kgj7WdIqsA6YWE78kybai4E_g==
liveView.php
live.primis.tech/live/ Frame 3EF7 		156 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTNvMWFyMmNwYTZvNTU4MTMmMDE4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV6WWcGnFcUTXcZMxUlWWcVMU9ERXcNrxF4T0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UZmBOREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1T0RZME1En3yNQXA5Ly81pF9JSGUmX2RMpUqEREkapzRMTzysWauPYVJRWFE4S2gToVRPTGxjo0EzqzyxX2NioaRyoaRsnWQ9Mmp4MTt5MlZ2nWRsY29hqGVhqF9xZXNwPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X3RcqGkyPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMlZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTNwMmNuY2I2ODt3JzNvqXN0ZXI9MTY5ODQ0NDIjNTU5MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a5cfd91813dc1e977c25b2a04359f4752bdcb0d878097a003c3e9bf4db003093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
14338
x-amz-cf-id
ZlYYHad9A45lALCLZqyzPbQPFt0fAv4mFMwyNKcPW2cTpYlw5jaWUA==
liveView.php
live.primis.tech/live/ Frame 3EF7 		56 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTNvMWFyMmNwYTZvNTU4MTMmMDE4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV6WWcGnFcUTXcZMxUlWWcVMU9ERXcNrxF4T0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UZmBOREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1T0RZME1En3yNQXA5Ly81pF9JSGUmX2RMpUqEREkapzRMTzysWauPYVJRWFE4S2gToVRPTGxjo0EzqzyxX2NioaRyoaRsnWQ9Mmp4MTt5MlZ2nWRsY29hqGVhqF9xZXNwPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X3RcqGkyPVRbZSgGqXR1pzUeo2YeSz9hYXRbYW4eTWFlY2uyp3NuqWk0JaZcZF9wo250ZW50X2R1pzF0nW9hPTEjMlZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTNwMmNuY2I2ODt3JzNvqXN0ZXI9MTY5ODQ0NDIjNTU5NvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D32385F30317D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1012%3Ad5e0%3Aa20f%3A6753&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.117+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1698444204&csuuid=653c33acb6887&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371ausxnwiyz&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bab3aaa8dcee55305b68434d9c09686160bc52fc2667b916b56cbf9e509ca1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
7779
x-amz-cf-id
LAd-V7_kVrfPaBUMwXKpkrcYPs3YSrkgJ5T5oPsZyZriDzPI9brJxQ==
logo_17326.png
video.primis.tech/uploads/video/users/logo/31368/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/video/users/logo/31368/logo_17326.png?cbuster=1677177910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ae6c62a2a9c69aa427f3da2c542ce0a6572ec9a24d99c0cbcc27dcee10eeb09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 12:12:29 GMT
via
1.1 fa640a50340d741c579292b495a2218e.cloudfront.net (CloudFront), 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1, LHR50-P3
age
35456
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19841
last-modified
Thu, 23 Feb 2023 18:45:10 GMT
server
nginx
etag
"d009b6da409b751b4cee52bc57eefbcf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
eJnbmT7785aUNNIDrDC_5UT3ZyY63jZrmZa1FYmqeQV1EyP3-za_xg==
expires
Sat, 28 Oct 2023 12:12:29 GMT
vid653b1ae33ca6b558133018_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ Frame E44C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018_thumb.jpg?cbuster=1698372448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
216677b257b8aa0f42f6310e3b018a3cbfd423647c9f8ed0197f2afa584d6f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 05:15:46 GMT
via
1.1 5fd5a7100537b482d912581a18b4587e.cloudfront.net (CloudFront), 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P1, LHR50-P3
age
60458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3421
last-modified
Fri, 27 Oct 2023 03:36:34 GMT
server
nginx
etag
"07fbca30ab75ddea1f36c0ee7ad779cf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
l-BwZNl7Hi9ZQYnu2IHxMsgS6RjV_kR3C0j5R-uapSjLUIl_VnuRcQ==
expires
Sat, 28 Oct 2023 05:15:46 GMT
vid653b1a5bdc6bf607752377_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ Frame E44C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid653b1a5bdc6bf607752377_thumb.jpg?cbuster=1698372323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c19af2b5bffd688812dfdfceb887898c4a8cb73ef566dda5777db4f22fb55440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 05:15:46 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront), 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
60458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3303
last-modified
Fri, 27 Oct 2023 03:21:59 GMT
server
nginx
etag
"8a0717340ca11d6c8e9e4f502ef393fb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
JkbAJJQidUrQxj-ZFyhRpSJFAXnhF7tQfebYUM9U4uXdb49YV3G4hw==
expires
Sat, 28 Oct 2023 05:15:46 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMDJEMmImODVGMmAmMTqEN0I3MmMkMmpmMwM1MmUmNTM0MmA3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZENTI2ODYkNTp3ODM1NUE2RDQ2NxE1QTU3Mmx2RDVBNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTM3MmMmMwM2N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTNuMDAyM0EkMDElJTNBZDVyMCUmQWElMGYyM0E2NmUmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkOC4jLwU5OTMhMTE3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTNwMmNuY2I2ODt3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMDU1NmAzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0mMDM5NmpjODQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
yOQkIyr5CffalAmjdubRP9UdFXHR1EzywsW-sE5s_fVV725zUeE8NQ==
vid653b1ae33ca6b558133018.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.jpg?cbuster=1698372448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3b756d84fe739bb9f17ebc31396644e121e0765ac8449fb55a7522064d9fec27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 05:15:40 GMT
via
1.1 cd95edab6af9e155d29dc1b1149a5a70.cloudfront.net (CloudFront), 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, LHR50-P3
age
60465
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23473
last-modified
Fri, 27 Oct 2023 03:36:32 GMT
server
nginx
etag
"aeb05983c20eac035ea2a7d7acfe26b3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
IWMa3eayJXynfKyccUbA_1bwKlIbOPnfMMQGmrATW9POo3ZOsWtd-g==
expires
Sat, 28 Oct 2023 05:15:40 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=753031
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d09ddd3e6a62c7e77c9c17a99a9f3136d6da9ff926129f3cd5f93030bc80a36

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr3c7G6xrCdKThT4EWSNHb9pVAUmBKuSp4AD42JKyASJpq0T%2FPQN8r%2BdR8EG%2FY4Ups0EataY7qFBeC58RS%2FzVS5sUw%2BK6BcxnoHUOFkGrtneelokghe%2BL1AXjWOudBHGqcNrNYk1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ce3a9d4ad0bbd4-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
krk2.kargo.com/api/v1/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.229.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-229-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		388 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=405436&zone_id=2272616&size_id=2&rf=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.domain=dailyfaceoff.com&tg_i.page=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.pbadslot=%2F63317524%2Fdfo%2Farticles%2Fleaderboard_header--pb-slot-header&tk_flint=pbjs_lite_v7.54.3&x_source.tid=2437b072-071c-4476-a138-dad1b5dbc82a&l_pb_bid_id=43c994263e8e275&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2437b072-071c-4476-a138-dad1b5dbc82a&rp_maxbids=1&slots=1&rand=0.4561851747032968
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
75d0e1101dc27c87c6956c676035c917c751ed157df687c3d409f3f1377246f8

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
388
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7bdbd49fc2840a0bedc3cfd93eee56befb12b4ae64c76dc0b649e8d8030810d6

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
135
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		50 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
an-x-request-uuid
08722701-0123-41c6-b865-8ee77cbb182c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
9c8e933852d168773d7d40514f550910e7731858c101e2d0654fcad6c105dd83

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		19 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.243.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-243-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-multi
hb.yellowblue.io/ 		84 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
24fbec8c97a011616f14985e3ae0546618dbd22685d2edd0bd68f60abb2a27f1

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
/
shb.richaudience.com/hb/ 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81ce3a9da94f37da-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
876702a557e79418c29be6c55093cbd7e42f5195486183a54e69937862c2f037
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
an-x-request-uuid
f3b65fd3-2aeb-4684-88ee-ee3a710649ba
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=26236731240&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.163.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-163-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:25 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.3
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4bfd16961ed1b30e30101c7daa373b554902b425ffabeceaab8ff67aba419233

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 27 Oct 2023 22:03:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyfaceoff.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
03798fac6a1ae0c8e7d89a6c656f7c16ac00098c6616065517669d090ea35ab0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
krk2.kargo.com/api/v1/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.229.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-229-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
v1
btlr.sharethrough.com/universal/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.163.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-163-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:25 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=97313000302&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
840ef5f125c6bbffe74cc756fab25709b5a6ce539803e1b9b2410c8386557ff2

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		145 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a54790c816cd58bfc91796efed376b5f0554a52a74d48202af3ef2e919c6e12d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
an-x-request-uuid
7597d6f1-8641-46d5-9b7c-fabd8db5cfe3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
shb.richaudience.com/hb/ 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
206ec692f682e7210dc8e768e2233b0fdbb31413124e35f116764bde81eeb329
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
an-x-request-uuid
34ef4a42-2438-48c5-a850-986e3672a063
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.3
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
cdc0b6480fa0cad16fdc99115734b4b76cb8bbe59c7b4d1c71cf75943623e1c5

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 27 Oct 2023 22:03:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyfaceoff.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2498
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.243.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-243-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
accept-ch
sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ 		60 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81ce3a9dd96737da-FRA
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=923190
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a72cb0a9f83cb4dec370c4a53fcb46aa12eb35cb7ce405672bafc38bfcae913

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR9fBbL3pv%2FRzqweRUAQ3KaZdyHx0v4ag0oJlVr8DUWpxDHWU7Wt9NTIwgTd0VCilE9qaYtNf1cmMDCUj6fVsF9HmGAzCli6ZsTAbD8WCs5i2FQBUKhz0khIQIkbnbUTa9yWHR11"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ce3a9ddead904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		388 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=405436&zone_id=2272738&size_id=15&rf=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.domain=dailyfaceoff.com&tg_i.page=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.pbadslot=%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right2--pb-slot-right-2&tk_flint=pbjs_lite_v7.54.3&x_source.tid=bb84f6b4-2495-4c7f-984f-6f95d1b8fdfe&l_pb_bid_id=9650193e95f50cb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bb84f6b4-2495-4c7f-984f-6f95d1b8fdfe&rp_maxbids=1&slots=1&rand=0.3282174106572686
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f286a73d4d1d68bb440ae8d6733c6e97e355860130286ad2db1cedb4c837a0f9

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
388
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4e93609719fd02ee4384c0230d3ce4fcafe153ce351d73812cd45bf752c3004e

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:24 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
139
content-length
3390
hb-multi
hb.yellowblue.io/ 		83 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
dc5d9ca995a55caa58caf374359e64572afddf0cc6cd6109fc063389ed35b1bb

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:25 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options
nosniff
age
342078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 23:02:07 GMT
web-vitals
www.dailyfaceoff.com/_axiom/ 		0
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_axiom/web-vitals
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/_next/static/chunks/pages/_app-cf9cf791326c77a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
x-vercel-id
fra1::wd5tv-1698444205927-2152d2f1dcb9
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
cache-control
public, max-age=0, must-revalidate
cf-ray
81ce3a9ee8d05bf1-FRA
content-length
0
g_pbst
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=300&h=250&bid=109e14e4e71b76c3&c1=banner&np=0.018414000000000003&aud=30c2e14185bd2d8&a=/63317524/dfo/articles/boxbanner_right--pb-slot-right-1&c2=hb_bidder%3Damx%26hb_adid%3D109e14e4e71b76c3%26hb_pb%3D0.01%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dfirmen.tv&ts=1698444205938&eid=114c25f73a993fb4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.137.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-137-241.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
vid653b1ae33ca6b558133018.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.jpg?cbuster=1698372448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3b756d84fe739bb9f17ebc31396644e121e0765ac8449fb55a7522064d9fec27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 05:15:40 GMT
via
1.1 cd95edab6af9e155d29dc1b1149a5a70.cloudfront.net (CloudFront), 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, LHR50-P3
age
60465
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23473
last-modified
Fri, 27 Oct 2023 03:36:32 GMT
server
nginx
etag
"aeb05983c20eac035ea2a7d7acfe26b3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
iYiUBxe0W39TKk9UvGxtOBXyF_XJ1ytUe8zNF4mfJueBEOyobml8vA==
expires
Sat, 28 Oct 2023 05:15:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E44C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options
nosniff
age
342078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 23:02:07 GMT
48ce1010-d9fb-4e4a-9180-d1a0eb720b79
config.aps.amazon-adsystem.com/configs/ 		537 B
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-64.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
460f1244842bc6da64dfe2d9a5db61ef9198d54e94b649dea6be76715e7d968c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:20:51 GMT
via
1.1 caeb89b8b8a5b107795bac07edc9b810.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MXP63-P3
age
2555
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
Mw_ZteCfXDFeYZ9QZ5PXoYz6RnZZNqMIqkz1VX4AOJAkRoD3xa1elQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-83.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
9650c2f047b36768b976528d0a79622dd201ffb17c6bdb499f7de288a3e1e9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 17:47:31 GMT
via
1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
age
15354
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1703
x-amz-cf-id
5TTacfJo8nUiIZ_mOBk7ElB6plmraYPwNbYn7SGs2QD_v-AhfoKJ3Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=NDvtMSklCjMsy&cb=0&ws=1600x1200&v=23.1020.1619&t=2500&slots=%5B%7B%22sd%22%3A%22pb-slot-right-1_fcxqoxpg9zm%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
9VFFMHE74A0C94YGKRQF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
gVtbSCEzMS5Mu7M_TYLDuNFKyda9-d0g9tyCDZLg80wHCV1y69xZiQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=NDvtMSklCjMsy&cb=1&ws=1600x1200&v=23.1020.1619&t=2500&slots=%5B%7B%22sd%22%3A%22pb-slot-header_qulnvmzb3sc%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F63317524%2Fdfo%2Farticles%2Fleaderboard_header%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
SQH9X48YWXD9CHQV48YJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CY9LPD46Vc68Sjj791QjISUchr3HER8dpEliw8zSG07V76mVUGLFjg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=NDvtMSklCjMsy&cb=2&ws=1600x1200&v=23.1020.1619&t=2500&slots=%5B%7B%22sd%22%3A%22pb-slot-right-2_wf4e99cztx%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right2%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
K8FNNW6BWHEEBDTWM99G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
mhKQxhk88AOXwIJScrI6M6HXTyK9KAkLj0JG50OmE82eFnp0okj1lQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
date
Fri, 27 Oct 2023 02:20:27 GMT
x-amz-cf-pop
ZRH50-C1
age
72087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
7ha6L-DfIy9fyqoRh4-VrQO6lUl1ZOMhsascis8QzrvMThaMIfoKag==
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 3EF7 		184 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1c9e093dff3dccca5949b2ec7d95ce0fde4a030d56f866c05f97c34ef6fd54c1

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
Expires
0
/
shb.richaudience.com/hb/ Frame 3EF7 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 3EF7 		144 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
01dae0ec506162147fb3866741d9abbd1d30fe98893260cf8579a64d0b0467c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:26 GMT
an-x-request-uuid
7e24f85c-ecd4-456a-84e9-f6ca70b67906
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 3EF7 		36 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227c4e1a1f13b1e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A2%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%2C%22adunitcode%22%3A%22adUnit_17%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2289f5438115cf54%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%22f89baf68-8161-451f-a4cc-3f02148c5834%22%2C%22sid%22%3A%22656x369%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B656%2C369%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A656%2C%22h%22%3A369%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%229b07d01d7916b9%22%2C%22ext%22%3A%7B%22siteID%22%3A%221014833%22%2C%22tid%22%3A%2261808b31-e2b7-4569-810d-0c3267b66967%22%2C%22sid%22%3A%22656x369%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B656%2C369%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A656%2C%22h%22%3A369%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2231368%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22114a0e8a-47ec-4838-98cd-d83c33a69030%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c4716596e995d114d45a22e4adfc14eb492e37edfd12be58c2cfd122bc992f

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSW8V50OBTB2aoNLvf%2FCFsXAzWqi1DiMKQ%2FJe8E1RwGuRjQ6lV1qmi2sxhWj707CG2C6l8RnQ%2Fjo5hl7naWzwJZVOBuTEXTh6aswaYRFMepEtiRF7u%2FP5yQSNP8t%2Bi%2FbYxWuhysn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ce3aa0f8db904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 3EF7 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 3EF7 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveInternalSsp.php
rtb.primis.tech/live/ Frame 3EF7 		25 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgWrgP47tW%2F2hQ5a5byEsm%2BgwC7Vk2tEXDpPzIHMqgPnRk1aYb8NsPvrPETtwMjwJnqbVUcn3PI%2Bs5O45mEC8PsP%2BWpLtrBIi297XauM1%2F%2FkChO1bhnq6S3XYcdk8rrtzyALO6yAMrSWVBTxwZLadhXg63%2F%2F3h%2F1oTI%2FptPgIfNJq6OQbwmUobZdgiEERchltduMzkNt2hYrKGpW%2B3ba67e4wkDAzyQcFinU7YrQE8O1JKjkr0ZFe1YzCeB78QTcTuDQ8C8khaiIYyD0amD%2FahhwE5DxGFifzGfM6%2BkeJzCRXVFizsCri1H%2F2358%2FJLpVE9fobZXxaw0YUkSkhJFN2gyauoC%2BfROIgZmiFefuM9JQeWhoA25NA%2F%2B%2BGhu9RW6NOWU6KafsS%2Ba%2FCBWU6m3D1XAqlO5RFZo1GWNopMz%2FEpjw6m1Be75Brt1OLDSScJ52lB1bU6MBsup293E%2B9Q%2B7ZN7tbEjKbSkpI0om9rRsN%2FjNsv6bdlBXJiyDQgjdD2AztkgkPX%2F737sRE3qAg6A2Y4X4z%2BIY1Ibp6xCiPSkmXCqM0pDjP8hyrbDXv1NKwTS6QMTZ0Hp%2BqQ8y2NCgWvRP5dWx1VFXTIQCCVrs9MuXtmnDetHFZy3yug8VWlxdbali47Pq7J0r0hIrEELZrO5wgFMXp6xIlTv75RLnBrM7cLpL356lt%2BH7nUaGOOfAYxnCKSpGddSdtn8wa48XoCT1S6zI1Tb%2BLfGszZE24XXYiv0nFNvYqLkPq5JW%2Bd2pWDyxc7Ed2UayFmcEQa3fchJb%2BjewS4qE%2BNjgPKfiZDyETwGyLNr%2BrZIJK42TDLMuN01ADPxEjgO%2FQIpIhWM2kET4%2BNknmnzRlXVgVEYUBDtKEfluJDGZaBpM3S47KiIOwfJxh3kHPKSbk6SjK9nttq%2FIS0OHYZysmSAmgdhbM09kusGNQuT4SffmmiDylSYJz85wt2TjJxyzn4HlWJ8efKHUDxkkxYNyecuuY117o%2BpzuGkZFjsZxOEVmxgWo43LN%2BA7JlrJgEgM1fhpFUZmbddlmtbcg47trWxDUNIG3JirPuegaYTPEEdCjS73OnQxjPI4LEtBkXSQ53VHuSILVvNZzzfBcSmRyd9HJCbihlb3g8OdeMQegKxQ3ZWrDMvBK56zKSeptOpI39dwTUvgO%2FwuE1UFjBG6G%2FtdhUUrDWAVHWyOxNts%2BIyrLXuAH89t1Y7ivJKP5zRDVpZzTh0HWLMx%2BdGP5aKAOPNiCEy9yqgQinx28XZfCqvBqECRHcD56MegdlI%2FyLF%2Fo%2FVPeex26tMYpNAothEGuUuJrbzJZ3kN%2BOQXvBOJvwlvIx9uTvoqOSpmzChVgW%2BcqTDdPYpvcBfqTZzqIxFXBzE6b6%2Bv9EeS3HpYKpVynWW9eQusU7pUWqswUFedd9C5z2ZMrdQyBAFm6Thhfbiy6jvtdVtlj5otUxuOx4CuYeFEu4Oo%2FzAo8lr5Xx%2FHOIcyYJz70Rh2bNY3nMsnDFBD21r04ya837nwq%2FYXghOnE7LrEFIPZPWkHL4zvefT%2FXDid0sKTqiSC%2BqP9CEeM9ivBysYGNsAShMRWjhiMmzsd%2BWe7%2FIcr1x%2BK41oWDa20ptKkV88ss72VW02PWwzMQgqf8F7rlxP599PKeoh%2FfJV5aVHMlbdm7jTLZ%2FeZw6NYJ%2FgNk6f6f3yzice9DfLd%2FMpKKwlDWkgxrk%2FoEIPUg%2BB5uAojxO1GmQmhuR%2FIgRUj37ckpmRQ2xFeW8c6sBNvm7tRPyyqBf2r6Ol3124OqG9%2FoA6rQcQjCMDng0CUVgMwRIapMDWm5OWIMcR%2FP4wShihBKK9AyBCOYg2a9kqhGMEk3DOIbte270IUspT9ExSRiP43AIb2YtcQyAbNKPPbeQBFnZbAyCQkFsAnQLHy3kGtKHq%2FInCAfiLhORjJ53N4Jaw7B39Tpf%2FDCCamvbFsT3om4EEwDFN4tkQN4%2F2STh58%2FrwxpSq38yUargvXtmeuPV4fzkpd5zR3rcPR6owPAAJ2RG5Z50C4wHeZTTVI1%2Be866y6rqMrbDYH99s2psv1XpAyhdUoBC9ATyC5dr3T%2F%2FZVZi9WjNSmpWDzD3lAWSiB1QaOpGZC3slsdWpjFrpsGqsTzQ%3D%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:25 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
TqXV5gr97EK2PwvUNbH98i-V0JnsIn1E_XPaLbYjZMFEBEpV6tcyQQ==
48ce1010-d9fb-4e4a-9180-d1a0eb720b79
config.aps.amazon-adsystem.com/configs/ Frame 3EF7 		537 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-64.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
460f1244842bc6da64dfe2d9a5db61ef9198d54e94b649dea6be76715e7d968c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:20:51 GMT
via
1.1 caeb89b8b8a5b107795bac07edc9b810.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MXP63-P3
age
2555
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
PGmFvN3yc-yKXwFrFNfUxU6nEAPZGYv_dDierCJ9L6JsQuAcgAA1pQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 3EF7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-83.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
9650c2f047b36768b976528d0a79622dd201ffb17c6bdb499f7de288a3e1e9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 17:47:31 GMT
via
1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
age
15354
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1703
x-amz-cf-id
se1JmLRB76aK8pkBHUls9t3Qzb8mFQew_FWcDnrvbGczazyMKmK9cQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2248ce1010-d9fb-4e4a-9180-d1a0eb720b79%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ Frame 3EF7 		43 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2248ce1010-d9fb-4e4a-9180-d1a0eb720b79%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.dailyfaceoff.com%252F%22%2C%22lv%22%3A%2223.1020.1619%22%7D
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
JTN2W08WQGES2VE5N2N3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
V1QCk6D6EDF0zpHBwzGJGPpjFLHGjQwfBE2wj00E2-rAaCjkWtTRww==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3EF7 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=raZFHmvMiGgbJ&cb=0&ws=1x1&v=23.1020.1619&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A80%2C%22id%22%3A%22Amazon_Video_400x225_Mob%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
NF8BG8B6T8EV700MP7YZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CFOquRdI7jTgl_L2h5IaBXo1c8b4K5MHZGmrpl6_TNsCqFJGFibFaw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3EF7 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
date
Fri, 27 Oct 2023 02:20:27 GMT
x-amz-cf-pop
ZRH50-C1
age
72087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ff_5zadWoZC_yMHOwYB5gUdGGoVczzL4mFvhY58tWll0cJinqrTaTw==
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		132 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bf9f66804f5b3fd3709c98ce41ebe1a4a9ce41383afb559282b5d035360960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 16:39:42 GMT
server
cloudflare
age
0
etag
W/"df69c18a6b7ca223bebd3a6b46665609cb2af612"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81ce3aa18bae5c14-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
391476
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 23 Oct 2023 08:11:06 GMT
Server
cloudflare
ETag
W/"42783f4dfb63346ef86cbdd3594314a1"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbmX1JZS5YxM49T1q3E2pJqgmCMgGGWP0vRGI5uau7elT8XpMwCpyWOSVrd1NoQXuNmiDlfqvMQ8CrH%2F55WnT4JnCZcCRZ%2FSdQtnaydlDWJ2sRC3fBEgH63O9c5zXT%2BjSW%2FKfwO%2FCY%2FSnxYn"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
81ce3aa1988e3a7e-FRA
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.11.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-11-122.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 27 Oct 2023 22:03:26 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/launchpad-liveramp.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-23.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ca989cec583ed69b2df63c05d91ead25e13201945d9cc0bf9238a1a4d96045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 02:20:28 GMT
x-amz-version-id
h91SDFhOPIWZi6JuY3Jh6k._VuWPgtEM
content-encoding
gzip
via
1.1 ce084a1179392e1921b98c60a4590284.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C5
age
70979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 25 Aug 2023 19:36:12 GMT
server
AmazonS3
etag
W/"a45252f007dde799051d352790bae43f"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
OdffXtOfpOQRS5uKdPOgfMJrMVl6GhkDSKNYI6sf7-TT_PP6dMBMEg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-78-67.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 27 Oct 2023 22:18:26 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-38.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:34:59 GMT
content-encoding
gzip
via
1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P3
age
73708
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
zcAzv2B9cUS9uXx5PiXxsY6x7ay0jMC5KamsENN5qW9YcPKFjMNfjQ==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.11.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-11-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 27 Oct 2023 22:03:26 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ads
securepubads.g.doubleclick.net/gampad/ 		722 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2420201654124190&correlator=4097638976352861&eid=31079110%2C31079233&output=ldjh&gdfp_req=1&vrg=202310180103&ptt=17&impl=fif&iu_parts=63317524%2Cdfo%2Chome%2Cboxbanner_right&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=3417701857&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698444206397&lmt=1698437006&adxs=743&adys=421&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vis=1&psz=388x0&msz=388x0&fws=0&ohw=0&ga_vid=137208439.1698444205&ga_sid=1698444206&ga_hid=1222580907&ga_fc=true&dlt=1698444204146&idt=1779&prev_scp=test%3Dprebid%26cw%3Ddailyfaceoff.com%26amznbid%3D2%26amznp%3D2&adks=1321903318&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b61de031c9ca1a2595e7f6e33626130f32d5f2cb64ff2075cb75f4159aa2be1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
356
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c73e71693ae2d6b47e3af52357f5709628e1ab6f1a3e68546546b89423a0575f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12180
x-xss-protection
0
container.html
259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D44F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 22:03:26 GMT
expires
Sat, 26 Oct 2024 22:03:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		638 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2420201654124190&correlator=1613312898141984&eid=31079110%2C31079233&output=ldjh&gdfp_req=1&vrg=202310180103&ptt=17&impl=fif&iu_parts=63317524%2Cdfo%2Chome%2Cleaderboard_header&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=2&didk=4013707231&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698444206456&lmt=1698437006&adxs=436&adys=1449&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vis=1&psz=1280x0&msz=1280x0&fws=0&ohw=0&ga_vid=137208439.1698444205&ga_sid=1698444206&ga_hid=1222580907&ga_fc=true&dlt=1698444204146&idt=1779&prev_scp=test%3Dprebid%26cw%3Ddailyfaceoff.com%26amznbid%3D2%26amznp%3D2%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D728x90%26hb_pb_sovrn%3D0.00%26hb_adid_sovrn%3D11597effbb12cf59%26hb_bidder_sovrn%3Dsovrn%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D11597effbb12cf59%26hb_bidder%3Dsovrn&adks=3487462529&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8da870fddc73389a65817e544819ad05fa8a7f595a93f657ab151f271d3380a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2420201654124190&correlator=1527281366833309&eid=31079110%2C31079233&output=ldjh&gdfp_req=1&vrg=202310180103&ptt=17&impl=fif&iu_parts=63317524%2Cdfo%2Chome%2Cboxbanner_right2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&didk=63984967&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698444206478&lmt=1698437006&adxs=1124&adys=1591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vis=1&psz=300x250&msz=300x0&fws=512&ohw=0&ga_vid=137208439.1698444205&ga_sid=1698444206&ga_hid=1222580907&ga_fc=true&dlt=1698444204146&idt=1779&prev_scp=test%3Dprebid%26cw%3Ddailyfaceoff.com%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.12%26hb_adid_appnexus%3D12202608782a2169%26hb_bidder_appnexus%3Dappnexus%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.01%26hb_adid_amx%3D1172275e9fc0f094%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.03%26hb_adid_sovrn%3D1164b9df8c119af1%26hb_bidder_sovrn%3Dsovrn%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.12%26hb_adid%3D12202608782a2169%26hb_bidder%3Dappnexus&adks=1106154392&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b274b46ff98a2800b10fc6bfd1022c3ad0b5bbd3eedbbca44c6db1ff8849f69d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12362
x-xss-protection
0
google-lineitem-id
6302246149
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432896372
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/ Frame 3EF7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/launchpad-liveramp.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-23.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ca989cec583ed69b2df63c05d91ead25e13201945d9cc0bf9238a1a4d96045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 02:20:28 GMT
x-amz-version-id
h91SDFhOPIWZi6JuY3Jh6k._VuWPgtEM
content-encoding
gzip
via
1.1 ce084a1179392e1921b98c60a4590284.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C5
age
70979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 25 Aug 2023 19:36:12 GMT
server
AmazonS3
etag
W/"a45252f007dde799051d352790bae43f"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
28DLlsG4pt1xTKoXj1qWgKsGgllpSFdS1QHOWw2zaYuaPR4I2432PQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 3EF7 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-78-67.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 27 Oct 2023 22:18:26 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 3EF7 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-38.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:34:59 GMT
content-encoding
gzip
via
1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P3
age
73708
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
lk-_dWWsHr7nSexK-RPg4yPs7ou_6k5BAX9cGhL10hD7a93WTzDHEg==
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		128 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.46.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-46-25.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
PnaJdxHydHN9eEuWHl7A1SeLMo27G9Y2
content-encoding
br
via
1.1 2baf05c1608b7148404c7fdd295985ea.cloudfront.net (CloudFront)
date
Fri, 27 Oct 2023 21:56:14 GMT
last-modified
Fri, 27 Oct 2023 11:56:06 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P2
age
433
x-amz-server-side-encryption
AES256
etag
W/"8f65165dbe6028fe7739c568043840fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
MAIZds6C-y6zjnkZdi5VUKnCaWYER5cLGNuglF8_FS00PHOOzVuOIQ==
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 27 Oct 2023 22:03:26 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 22:03:26 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3EF7 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08111d73cf694f4b8b7339301e9bb8f18326ff8e5bead87bbd8d7a9ead6e74c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127417
x-xss-protection
0
expires
Fri, 27 Oct 2023 22:03:26 GMT
liveView.php
live.primis.tech/live/ 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwx4NDQ0MwA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNTYmMTIzrD02NTYzrT0mNwxzoXN0YT0kNmI1NTU0MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT12nWRyolZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTNuMDAyM0EkMDElJTNBZDVyMCUmQWElMGYyM0E2NmUmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkOC4jLwU5OTMhMTE3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTNwMmNuY2I2ODt3JaJ2ow01NDQjJzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwx4NDQ0MwA2NwA5JaVcZD1TZWgcozRiU1BfYXyypwY1M2MmM2FwZDYmMGQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9MwIjNwA0NDQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:26 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-id
k5InYu-E5gecOTkLEq9wYfz9ik8XoEKfXFTGbehFCDwSDGVW2VufSg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.247.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-247-62.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e0cb3a2656b642eec435dd8e72bb737734fc69af03edd834bb34493df614197b

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
x-server
10.45.21.33
access-control-allow-credentials
true
content-length
60
expires
0
launchpad.bundle.js
launchpad.privacymanager.io/latest/ Frame 3EF7 		128 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.46.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-46-25.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
PnaJdxHydHN9eEuWHl7A1SeLMo27G9Y2
content-encoding
br
via
1.1 2baf05c1608b7148404c7fdd295985ea.cloudfront.net (CloudFront)
date
Fri, 27 Oct 2023 21:56:14 GMT
last-modified
Fri, 27 Oct 2023 11:56:06 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P2
age
433
x-amz-server-side-encryption
AES256
etag
W/"8f65165dbe6028fe7739c568043840fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
faWvdywtq4DUk3tRhv6vYK93GmrRatJYTVs4lL1lABXD9bpRnODD4A==
map
bcp.crwdcntrl.net/6/ Frame 3EF7 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.247.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-247-62.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e0cb3a2656b642eec435dd8e72bb737734fc69af03edd834bb34493df614197b

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
x-server
10.45.12.242
access-control-allow-credentials
true
content-length
60
expires
0
/
geo.privacymanager.io/ 		30 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-72.mxp63.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Oct 2023 00:59:45 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront), 1.1 71f808ad45a98980e167f452a2aaf882.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MXP63-P3
age
75821
x-amzn-requestid
75ae87d7-8138-402c-9787-31fb3634fce2
x-amzn-trace-id
Root=1-653b0b81-4a5b299e41e3670549563f50;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Nb68TEa_DoEEW1g=
content-length
30
x-amz-cf-id
AU7FVYcB7cYCx5qtt5MO-rO8-xIHuGE2TyIFPSy5Zv4Vo_br4_X18Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-72.mxp63.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 27 Oct 2023 22:03:26 GMT
via
1.1 98e5b56b1ba8a3ddf54b22d6fc81c3c2.cloudfront.net (CloudFront), 1.1 71f808ad45a98980e167f452a2aaf882.cloudfront.net (CloudFront)
x-amz-apigw-id
Ne0DXFv6DoEEm0w=
x-amz-cf-id
eNs2lXQLnq3PV1QTIlq0zlCAl9NxuGQJkUVnZdu-MXvZ5VbzRaOYOg==
x-amz-cf-pop
MXP53-P1 MXP63-P3
x-amzn-requestid
bff34f2d-5bd0-48f7-ae3b-48edc9462ec8
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ Frame 3EF7 		30 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-72.mxp63.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Oct 2023 00:59:45 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront), 1.1 71f808ad45a98980e167f452a2aaf882.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MXP63-P3
age
75821
x-amzn-requestid
75ae87d7-8138-402c-9787-31fb3634fce2
x-amzn-trace-id
Root=1-653b0b81-4a5b299e41e3670549563f50;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Nb68TEa_DoEEW1g=
content-length
30
x-amz-cf-id
nvi1X5KvzutFJxWy3zA_9uieg1AhfHENjltV-hYtDQvyR5kGTqZkYw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-72.mxp63.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 27 Oct 2023 22:03:26 GMT
via
1.1 159e16027561f2440d64c3f79534611e.cloudfront.net (CloudFront), 1.1 71f808ad45a98980e167f452a2aaf882.cloudfront.net (CloudFront)
x-amz-apigw-id
Ne0DWHAoDoEEaMQ=
x-amz-cf-id
ZwfkBxbuePitsUtgryAnmGTKADO_BbKUITSGC-vzyws3MuJUc6vIGA==
x-amz-cf-pop
MXP53-P1 MXP63-P3
x-amzn-requestid
cd182328-d0d8-4690-a543-f2dd313e7495
x-cache
Miss from cloudfront
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD59 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 10:11:35 GMT
expires
Sat, 26 Oct 2024 10:11:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1691 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aae141a10815da23307e21f87d55c9b0a80de1600dddd83e0164b8c9b03a202b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_T6Y38gr0w7BfSG8Am_mFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_T6Y38gr0w7BfSG8Am_mFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 22:03:26 GMT
expires
Fri, 27 Oct 2023 22:03:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame E465 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvrsOEboDW5T5t5tuZ8EtGLdY-Z377sKbHCyc1GEsZBnoaJHQx0P7TS6IdOl3dnikSkJm63b12_zcrjyjCRyOYhVjNtMwf5AN4XhKxRawTcmUcHQIdTQcN-hKVod1YmB1eBhjafeyOmhDxmD5v3N1DsMeeE2OAuJNrz-cg6ReYWmJhphS9uogI0GvwfWQop6dcV85QfmGKkkSafRdYqOQXQZGSGb6j5WNKc3Pnrv0GtGe36esQ1s_kepD7O2FtkSyC-3PODais8W29FWrY9wcApQojkeNfG9hNQz9mK1KaaqgjQGRhrEGpSvuNS3gk7ieLqNOGeSqCDVRGQzMi_lyqPIuLpNJ9GfsUN6p_JSSIhvGPL22j0pTmytRg8yE4mg&sai=AMfl-YQd5-E3MX9bhtWD5pmW09AiGUHzsUyXw_WQzWc0k8UBlnIHgl5ALYfPvVkClED9mm_LWCIj6iFSWG0lPLqb3HyPqRm9fJxWW5SyGPAWBYxIkGRR2o8w7-t4IadO-3g77UWxp6yod4_k32XSo4E&sig=Cg0ArKJSzIjRQU5fY37MEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 27 Oct 2023 22:03:26 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame E465 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5738
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quj9llZT1rzzx5v7iLZQwP63OU6yikptgDr1KfYw2xcn731fqBIX1gN33BvUAX6PXqPGOMvBg6X3TbN9x8th%2FMjhJH9n8QHjAOLJLaInuQhuSgrj2y58lhIxup6Wj8rOMCukCiA3Ab496DkMbrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ce3aa489c01c32-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E465 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:03:26 GMT
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 5ECD 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
132573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 09:13:53 GMT
expires
Fri, 25 Oct 2024 09:13:53 GMT
last-modified
Thu, 26 Oct 2023 09:08:13 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3EF7 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Oct 2023 22:03:26 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DBDE 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 27 Oct 2023 22:58:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame D4EF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7838&pub_id=997666
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 27 Oct 2023 22:03:27 GMT
ETag
"623de86a-cf34"
Expires
Sat, 28 Oct 2023 22:03:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
rd_log
ams3-ib.adnxs.com/ Frame E465 		0
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&e=wqT_3QLbDvTwAlsHAAADANYABQEIrefwqQYQ5Ljczpfr4PxlGOKyr52G4L6Bcyo2Cf8i-Bfx3Mc_Eb7GR-6IyL4_GQAAAEAzMwNAIdtws9Nqo8Q_KeW4UzpY_88_MQAAAEAK19M_MJ2Q1A04nj1Ah11IAlCtpPjbAViY301gAGjo1mZ40PEFgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDY5MDM4ODYsIDApO3VmKCdpJywgNzg2MzY4OCwgMCk7dWYoJ2cnLCAxOTgyNzk5MiwgMCk7dWYoJ3MnLCAyODc2Nzg2NjksIDApO3VmKCdyJywgNDYxMjQ3MDIxLCAwKTuSAvkFIXFKYjBzZ2pzekpJYUVLMmstTnNCR0FBZ21OOU5NQUE0QUVBQVNJZGRVSjJRMUExWUFHQ2lBMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCZG81Yy1UZFZ6al9CQWMtcUk4MC1fODhfeVFFQUFBQUFBQUR3UDlrQjJldmRILTlWN2pfZ0FZajczd1AxQVFBQUlFQ1lBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQW9MYTFDdm9BbzItN3FrRy1BSUFnQU1CbUFNQm9nTVhDTzJ5MkN3UUFoZ0JMUUFBQUFBeUIyUmxabUYxYkhTaUF3NElndHJVS3hBSUdBQXRZQ0hDUGFJRERnaUMydFFyRUFrWUFDMWdJY0k5b2dNT0NJVGExQ3NRQ2hnQUxRQUFnRC1pQXc0STVkUzZLaEFMR0FJdEFBQUFBTG9EQ1VGTlV6TTZOakF4TWVBRDZrU0FCUGJZNXd1SUJQM1k1d3VRQkFHWUJBR3lCQWtJbXBCTEVNdmZ2dzI2QkJrSWhRUVJ3X1VvWElfQ3hUOFpBQUFBQUFBQUFBQWdtcEJMdWdRYUNLNWFFUUFBQQUXDEFBR1ENCWBDeEFJTXJVanhEQkJNUDFLRnlQd3NVX3lRESEkQXNRTmdFQVBFRQ0yUEFBQUNJQmZzdW1BWE53WmFKQWFrRgEWAQEQOEQteEIVOxBBQXdRVQEXAQEIRVFNLigABF9SLigAADINKMhMRVM0UC1BRnBzTUI4QVdZbXJvSi1BWE9zS1VEZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkBXAEBLEVRS2dHQkxJR0pBawEQCQEAQh23BEJrCRQBAQBDHRgYTGdHQ29FSQEXBEFEQZCYOC6aApkBIWp4cVhsd2pzekpJYUVLMmstTnNCR0pqZlRTQUFLQUF4BTEEQUEBZHg2Q1VGTlV6TTZOakF4TVVEcVJFblo2OTBmNzFYdVAxHW0ARh2FMEdIRDlTaGNqOExGUDIVGAhzUUgdMBBIZ0FpUREQ8FhEd1B3Li7YAryUA-ACsLJe6gIdaHR0cHM6Ly93d3cuZGFpbHlmYWNlb2ZmLmNvbS_yAhEKBkFEVl9JRBIHNjkwMzg4NvICEgoGQ1BHX0lEEggxOTgyNzk5MgEVVAVDUF9JRBIJMjg3Njc4NjY58gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4UEAoFSU9fAYkINzg2gacY8gILCgdJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg5MTU2NTMxNPICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjk4NDA2MTU38gIVCghTUExJVAFfGevwsIADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA9b9I-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjc3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzExOTExI0FNUzM6NjAxMdoEAggB4AQB8AStpPjbAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMeAAA2AUB4AUB8AXxvwT6BQQIABAAkAYAmAYAuAYAwQYJJCzwP9AG6pEB2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH0PEF0gcNCREoASYI2gcGAV6oGADgBwDqBwIIAPAH0uADiggCEACVCAAAgD-YCAHACLyUA9IIBggAEAAYAA..&s=2e1bde53e7100c198c77aa5294d9bfd55ef8bb53&bdref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.dailyfaceoff.com%2F,https%3A%2F%2Fwww.dailyfaceoff.com%2F&
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
an-x-request-uuid
ea7cdbae-5d42-49c9-8d94-201b40ca6a36
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
5d8dc6b5-349c-4113-b7e3-4f565a86f5d9.jpg
crcdn01.adnxs-simple.com/creative/p/11911/2023/8/30/49640577/ Frame E465 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11911/2023/8/30/49640577/5d8dc6b5-349c-4113-b7e3-4f565a86f5d9.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
ac1b23dbeb99bac0e5940f3609753e6f8a821a4d10e269e4002a3b3254b267ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:27 GMT
Last-Modified
Wed, 30 Aug 2023 15:28:53 GMT
Server
nginx/1.21.3
x-amz-request-id
e3216106-2ae1-45b6-a2e2-1cabb0a0a6d9
ETag
"00906b9ff71e0f647516f774714b36db"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
e3216106-2ae1-45b6-a2e2-1cabb0a0a6d9
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37599
X-Clv-S3-Version
2.5
Expires
Mon, 11 Dec 2023 22:03:27 GMT
trk.js
cdn.adnxs.com/v/s/239/ Frame E465 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Sat, 26 Oct 2024 22:03:27 GMT
it
ams3-ib.adnxs.com/ Frame E465 		0
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.dailyfaceoff.com%252F&e=wqT_3QK6DPTwAjoGAAADANYABQEIrefwqQYQ5Ljczpfr4PxlGOKyr52G4L6Bcyo2Cf8i-Bfx3Mc_Eb7GR-6IyL4_GQAAAEAzMwNAIdtws9Nqo8Q_KeW4UzpY_88_MQAAAEAK19M_MJ2Q1A04nj1Ah11IAlCtpPjbAViY301gAGjo1mZ40PEFgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDY5MDM4ODYsIDApO3VmKCdpJywgNzg2MzY4OCwgMCk7dWYoJ2cnLCAxOTgyNzk5MiwgMCk7dWYoJ3MnLCAyODc2Nzg2NjksIDApO3VmKCdyJywgNDYxMjQ3MDIxLCAwKTuSAvkFIXFKYjBzZ2pzekpJYUVLMmstTnNCR0FBZ21OOU5NQUE0QUVBQVNJZGRVSjJRMUExWUFHQ2lBMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCZG81Yy1UZFZ6al9CQWMtcUk4MC1fODhfeVFFQUFBQUFBQUR3UDlrQjJldmRILTlWN2pfZ0FZajczd1AxQVFBQUlFQ1lBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQW9MYTFDdm9BbzItN3FrRy1BSUFnQU1CbUFNQm9nTVhDTzJ5MkN3UUFoZ0JMUUFBQUFBeUIyUmxabUYxYkhTaUF3NElndHJVS3hBSUdBQXRZQ0hDUGFJRERnaUMydFFyRUFrWUFDMWdJY0k5b2dNT0NJVGExQ3NRQ2hnQUxRQUFnRC1pQXc0STVkUzZLaEFMR0FJdEFBQUFBTG9EQ1VGTlV6TTZOakF4TWVBRDZrU0FCUGJZNXd1SUJQM1k1d3VRQkFHWUJBR3lCQWtJbXBCTEVNdmZ2dzI2QkJrSWhRUVJ3X1VvWElfQ3hUOFpBQUFBQUFBQUFBQWdtcEJMdWdRYUNLNWFFUUFBQQUXDEFBR1ENCWBDeEFJTXJVanhEQkJNUDFLRnlQd3NVX3lRESEkQXNRTmdFQVBFRQ0yUEFBQUNJQmZzdW1BWE53WmFKQWFrRgEWAQEQOEQteEIVOxBBQXdRVQEXAQEIRVFNLigABF9SLigAADINKMhMRVM0UC1BRnBzTUI4QVdZbXJvSi1BWE9zS1VEZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkBXAEBLEVRS2dHQkxJR0pBawEQCQEAQh23BEJrCRQBAQBDHRgYTGdHQ29FSQEXBEFEQZCYOC6aApkBIWp4cVhsd2pzekpJYUVLMmstTnNCR0pqZlRTQUFLQUF4BTEEQUEBZHg2Q1VGTlV6TTZOakF4TVVEcVJFblo2OTBmNzFYdVAxHW0ARh2FMEdIRDlTaGNqOExGUDIVGAhzUUgdMBBIZ0FpUREQ9BcBRHdQdy4u2AK8lAPgArCyXuoCHWh0dHBzOi8vd3d3LmRhaWx5ZmFjZW9mZi5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD1v0j4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTQ1LjE0MS4xNTIuNzeoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTE5MTEjQU1TMzo2MDEx2gQCCAHgBAHwBK2k-NsBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF8b8E-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuqRAdoGFgoQAAUSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfQ8QXSBw0VZQEmCNoHBgFeyBgA4AcA6gcCCADwB9LgA4oIAhAAlQgAAIA_mAgBwAi8lAPSCA4IgYKEiJCgwIABEAAYAA..&s=41ce0d6313bb3ac6d66d9448741fd2e99baecb3a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
an-x-request-uuid
bbfcc109-478f-4f56-9c82-5fbd847e8c9b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
sodar
pagead2.googlesyndication.com/pagead/ Frame 1691 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180103&jk=2420201654124190&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame E465 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2dxkx5wy2BHw-j3lP6pZQNEgP4pljQGlcpiKBG5MPMr1Oy2kW_2pweoMOTuh_c7Y-MMgtjFkIaIdDyYMN-wRA4VVyI6-JRwWft-5UzZYgM9nOF0A6IckOYrSCpqREZfcY6ehIfRTa6y-Ra9BDtkTZM0XaMQiqNVerX8a9n3x4XBHTRE4uDr--DLOpzaQ1Hso8RFIDTO2_qQFmjga4m35raK5PbhI3dz-pLup7amFj40WetbGdq-p5R2Lxyx0abjAlorRdIsKGHnkzpOq7GqU8iCz8h5mQQeIVlpqVjFRWXV9ucC3nsgPrCr4x7V26JSQLiaF5LhEEG77Z8-kJ-7WuF3URrHx1US4nU8rG_ShumRKRlPG1fKfucyXr6xEbZGCk&sai=AMfl-YRR30fzQLIiQYFmQTtZAYajSe6PZfiMlBfCUWF7au-LAXaj5XXaDvj-IgKgjKa6Go04OrWI4pENgCcpaaUkk_xIHhUzcHgdHKhS6S2iQkTsS4gO47Fn77Rr0N4GNE5ZyPlzvofQ_Dg6d8cyXAc&sig=Cg0ArKJSzHPV6LcJ83IjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 27 Oct 2023 22:03:27 GMT
truncated
/ Frame E465 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4a244bba173746bb344d9da5e64977d078c97b29b2656e5e189ed6809f02db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame D4EF 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7838&pub_id=997666&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7838&pub_id=997666
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
an-x-request-uuid
1394f90c-d48b-4ae2-b4a9-3b952221f9e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame AD59 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 11:45:42 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5ECD 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F63317524%2Fdfo%2Fhome%2Fvideo&description_url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&env=vp&correlator=1143668415600860&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=670x338&unviewed_position_start=1&ad_rule=0&cust_params=player%3Dprimis%26tagID%3D%26postID%3D%26prmsig%3Dwdvsfe&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4099075284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&sid=67FBD55A-AE9C-4E55-B9FC-550D0D930F7D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44806075&ref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dt=1698444207343&cookie=ID%3D308d2f0f8c1e4dbc%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MYu3bQ2peP66yA41sAPxUM9Lh0Dug&gpic=UID%3D00000caa4952bf1e%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MaODL0aDXhX8rpDJAd_zD98WePjbQ&scor=3745081227201634&ged=ve4_td2_tt0_pd2_la2000_er581.-2600.734.-2300_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame E465 		0
666 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&e=wqT_3QK6DPTwAjoGAAADANYABQEIrefwqQYQ5Ljczpfr4PxlGOKyr52G4L6Bcyo2Cf8i-Bfx3Mc_Eb7GR-6IyL4_GQAAAEAzMwNAIdtws9Nqo8Q_KeW4UzpY_88_MQAAAEAK19M_MJ2Q1A04nj1Ah11IAlCtpPjbAViY301gAGjo1mZ40PEFgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDY5MDM4ODYsIDApO3VmKCdpJywgNzg2MzY4OCwgMCk7dWYoJ2cnLCAxOTgyNzk5MiwgMCk7dWYoJ3MnLCAyODc2Nzg2NjksIDApO3VmKCdyJywgNDYxMjQ3MDIxLCAwKTuSAvkFIXFKYjBzZ2pzekpJYUVLMmstTnNCR0FBZ21OOU5NQUE0QUVBQVNJZGRVSjJRMUExWUFHQ2lBMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCZG81Yy1UZFZ6al9CQWMtcUk4MC1fODhfeVFFQUFBQUFBQUR3UDlrQjJldmRILTlWN2pfZ0FZajczd1AxQVFBQUlFQ1lBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQW9MYTFDdm9BbzItN3FrRy1BSUFnQU1CbUFNQm9nTVhDTzJ5MkN3UUFoZ0JMUUFBQUFBeUIyUmxabUYxYkhTaUF3NElndHJVS3hBSUdBQXRZQ0hDUGFJRERnaUMydFFyRUFrWUFDMWdJY0k5b2dNT0NJVGExQ3NRQ2hnQUxRQUFnRC1pQXc0STVkUzZLaEFMR0FJdEFBQUFBTG9EQ1VGTlV6TTZOakF4TWVBRDZrU0FCUGJZNXd1SUJQM1k1d3VRQkFHWUJBR3lCQWtJbXBCTEVNdmZ2dzI2QkJrSWhRUVJ3X1VvWElfQ3hUOFpBQUFBQUFBQUFBQWdtcEJMdWdRYUNLNWFFUUFBQQUXDEFBR1ENCWBDeEFJTXJVanhEQkJNUDFLRnlQd3NVX3lRESEkQXNRTmdFQVBFRQ0yUEFBQUNJQmZzdW1BWE53WmFKQWFrRgEWAQEQOEQteEIVOxBBQXdRVQEXAQEIRVFNLigABF9SLigAADINKMhMRVM0UC1BRnBzTUI4QVdZbXJvSi1BWE9zS1VEZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkBXAEBLEVRS2dHQkxJR0pBawEQCQEAQh23BEJrCRQBAQBDHRgYTGdHQ29FSQEXBEFEQZCYOC6aApkBIWp4cVhsd2pzekpJYUVLMmstTnNCR0pqZlRTQUFLQUF4BTEEQUEBZHg2Q1VGTlV6TTZOakF4TVVEcVJFblo2OTBmNzFYdVAxHW0ARh2FMEdIRDlTaGNqOExGUDIVGAhzUUgdMBBIZ0FpUREQ9BcBRHdQdy4u2AK8lAPgArCyXuoCHWh0dHBzOi8vd3d3LmRhaWx5ZmFjZW9mZi5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD1v0j4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTQ1LjE0MS4xNTIuNzeoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTE5MTEjQU1TMzo2MDEx2gQCCAHgBAHwBK2k-NsBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF8b8E-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuqRAdoGFgoQAAUSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfQ8QXSBw0VZQEmCNoHBgFeyBgA4AcA6gcCCADwB9LgA4oIAhAAlQgAAIA_mAgBwAi8lAPSCA4IgYKEiJCgwIABEAAYAA..&s=41ce0d6313bb3ac6d66d9448741fd2e99baecb3a&type=nv&nvt=5&jm=1003&px=1124&py=1591&bw=300&bh=250&sid=6378719511546066867&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28641309&sw=1600&sh=1200&pw=1600&ph=2265&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
an-x-request-uuid
3567650e-a454-49d6-80e2-33d321e6e9ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
9534-e86df2f088a2406b.js
www.dailyfaceoff.com/_next/static/chunks/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/9534-e86df2f088a2406b.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc7613cf6cbe9af2ae4fdd0fa577120b30b135709bf8d03d16496dec9640f69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1575647
content-disposition
inline; filename="9534-e86df2f088a2406b.js"
x-vercel-id
gru1::l97bx-1690499737111-3b8567c4f810
server
cloudflare
x-matched-path
/_next/static/chunks/9534-e86df2f088a2406b.js
etag
W/"0f8e4a4e7b71506d0051bc9abe971e8c"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bff55bf1-FRA
6595-70557aa686731784.js
www.dailyfaceoff.com/_next/static/chunks/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6595-70557aa686731784.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d98915ed3cb9a5adbc271b167919c3f6d3dbafb4d690cb77c5765998e3dddb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427509
content-disposition
inline; filename="6595-70557aa686731784.js"
x-vercel-id
syd1:syd1::mtdbt-1680015842881-7cb2140754ee
server
cloudflare
x-matched-path
/_next/static/chunks/6595-70557aa686731784.js
etag
W/"5fc5cd10efe07b51e346a1c38c288514"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bff65bf1-FRA
5935-987f64999aab59aa.js
www.dailyfaceoff.com/_next/static/chunks/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5935-987f64999aab59aa.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1499460ce5ec80dad274437e10869a4930ca9c892cb852ba90efc3464767b51f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
249700
content-disposition
inline; filename="5935-987f64999aab59aa.js"
x-vercel-id
fra1::5kzlj-1698194507519-2a089a17d8d3
server
cloudflare
x-matched-path
/_next/static/chunks/5935-987f64999aab59aa.js
etag
W/"f202a2414de30c56bbcc4dbebb1a1f5a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bff75bf1-FRA
8852-cb6876ee41f3648f.js
www.dailyfaceoff.com/_next/static/chunks/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8852-cb6876ee41f3648f.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b38b7f9c7847bf7cbafc5d23579e6604b26ef0cacdb6910074734d576ba4db1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
3113975
content-disposition
inline; filename="8852-cb6876ee41f3648f.js"
x-vercel-id
gru1::84dnv-1695328828290-9d1c7014537e
server
cloudflare
x-matched-path
/_next/static/chunks/8852-cb6876ee41f3648f.js
etag
W/"c4377bd48371f549a140c5f309b2f4f4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bff85bf1-FRA
6932-fb9f10300a0440b6.js
www.dailyfaceoff.com/_next/static/chunks/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6932-fb9f10300a0440b6.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461d9d9ddb4829b826ede451b55580827053e6b4ec75b2c44fce2673e5b75fdd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492086
content-disposition
inline; filename="6932-fb9f10300a0440b6.js"
x-vercel-id
gru1::qm4jl-1696950962789-0f6956ede05a
server
cloudflare
x-matched-path
/_next/static/chunks/6932-fb9f10300a0440b6.js
etag
W/"6e1c14d49c1a4dc5791dafaeeb5a5063"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bff95bf1-FRA
8715-829ce80c7175ab12.js
www.dailyfaceoff.com/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8715-829ce80c7175ab12.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e1d50b07a89e8f38a392ade671edd2fc8600a511745b877df5d4f0ba5997ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492265
content-disposition
inline; filename="8715-829ce80c7175ab12.js"
x-vercel-id
gru1::jbv7f-1696951283321-37543f13ea78
server
cloudflare
x-matched-path
/_next/static/chunks/8715-829ce80c7175ab12.js
etag
W/"57ea8f61f10a35f06f60914dd52829c0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bffa5bf1-FRA
%5Bslug%5D-ab23c5c8074ca39e.js
www.dailyfaceoff.com/_next/static/chunks/pages/news/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84bde1fe730fb30eb7ec5f5d358d16f9438ee40309e57e20bf93a2f86b3b732
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1492085
content-disposition
inline; filename="[slug]-ab23c5c8074ca39e.js"
x-vercel-id
gru1::jbhp5-1696950964263-f3dc53677876
server
cloudflare
x-matched-path
/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
etag
W/"03e31903743ef15b7ffa27f8b945b4e4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8bffb5bf1-FRA
%5Bslug%5D-ad0d7229dab41a88.js
www.dailyfaceoff.com/_next/static/chunks/pages/authors/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/authors/%5Bslug%5D-ad0d7229dab41a88.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6d187ecaded849274b37ffafaf89fed00521487d2bb63302bfc7994cee4146
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
250341
content-disposition
inline; filename="[slug]-ad0d7229dab41a88.js"
x-vercel-id
fra1::p5pn5-1698193866769-d3460d33d505
server
cloudflare
x-matched-path
/_next/static/chunks/pages/authors/%5Bslug%5D-ad0d7229dab41a88.js
etag
W/"8a73fadd234dc61ae5a246b4c47140ce"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8c8025bf1-FRA
%5Bslug%5D-4f9a06131d4354e0.js
www.dailyfaceoff.com/_next/static/chunks/pages/categories/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2046d0dffaaff13d278ded237ca0480d379f691f8c46017da3d383736d50e23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2729247
content-disposition
inline; filename="[slug]-4f9a06131d4354e0.js"
x-vercel-id
gru1::sgxjq-1695710442719-48996a25e66b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
etag
W/"740547ad66f265974028a58ecf8e219f"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8f8285bf1-FRA
5761-ac0d245560f2ff39.js
www.dailyfaceoff.com/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5761-ac0d245560f2ff39.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce76230f57c0a5804fe4a894fdc4dc763019463eb7fb545e3f75fe5df7f2572e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
7092521
content-disposition
inline; filename="5761-ac0d245560f2ff39.js"
x-vercel-id
gru1::qgw56-1691351103500-e9b0e208b310
server
cloudflare
x-matched-path
/_next/static/chunks/5761-ac0d245560f2ff39.js
etag
W/"83c50bee50173b8347bcbab533cae47a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8f8295bf1-FRA
%5B%5B...params%5D%5D-795bc57b69ba0e69.js
www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3b7a345b18da5b6360c15ddca29408d6883d8b701933ccd87aade7cf013650
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4110019
content-disposition
inline; filename="[[...params]]-795bc57b69ba0e69.js"
x-vercel-id
syd1:syd1::gc8nt-1683565450942-0c6f25c4e39b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
etag
W/"af9da9f039217d60eaf6f803c8c41149"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8f82c5bf1-FRA
374-afa99051b8f32278.js
www.dailyfaceoff.com/_next/static/chunks/ 		90 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/374-afa99051b8f32278.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97c1f41fd7fe19224ec65bc340835a8901df80a9136bb26b9aa2549293f9585
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
18427506
content-disposition
inline; filename="374-afa99051b8f32278.js"
x-vercel-id
syd1:syd1::t6bhs-1680015846216-236217800763
server
cloudflare
x-matched-path
/_next/static/chunks/374-afa99051b8f32278.js
etag
W/"79f85b1db20e67f4343d8a6733d99904"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8f82d5bf1-FRA
878-2455321700c408f9.js
www.dailyfaceoff.com/_next/static/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/878-2455321700c408f9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65534fdafbad9cb1acca833772bc23a5d03e1a89f1ae44f34699b522e023a11e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2759216
content-disposition
inline; filename="878-2455321700c408f9.js"
x-vercel-id
gru1::ck8tk-1695683989238-0ec26c7549ec
server
cloudflare
x-matched-path
/_next/static/chunks/878-2455321700c408f9.js
etag
W/"5b098f564887aced852856f218635be0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8f82f5bf1-FRA
%5B%5B...date%5D%5D-a74aa9694d5b8077.js
www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a7f1daf10f16f2e3e0b95440ffe6d0f1fe0b2f9f8c94d5a0158a266553f878
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1468247
content-disposition
inline; filename="[[...date]]-a74aa9694d5b8077.js"
x-vercel-id
gru1::vj9dp-1696975531369-acddbf8e89c1
server
cloudflare
x-matched-path
/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
etag
W/"e5f481a3ed6a71a71004c4bd6062fc75"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa8f8305bf1-FRA
4151-9e344b2b9cae2770.js
www.dailyfaceoff.com/_next/static/chunks/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/4151-9e344b2b9cae2770.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d262d92e543246a595d1b20ad250ffc44d0a4efc568d42c4dc39cb36bcc65e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4110019
content-disposition
inline; filename="4151-9e344b2b9cae2770.js"
x-vercel-id
gru1::mkj9x-1694128394807-0162f6d5ee8e
server
cloudflare
x-matched-path
/_next/static/chunks/4151-9e344b2b9cae2770.js
etag
W/"f3199da89ac97ea9259d3a8d2ac83f8e"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa988e65bf1-FRA
nhl-weekly-schedule-bac0295831efb757.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		414 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faeeb447489a22cb3134f5801c870b878a0ffb3d159b7c25d3d591c8ff4aa36c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
4110019
content-disposition
inline; filename="nhl-weekly-schedule-bac0295831efb757.js"
x-vercel-id
gru1::v4qqq-1686742631797-4df456b677c8
server
cloudflare
x-matched-path
/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
etag
W/"59330b45e2f3cbcfa841df73b8ee8cbd"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa988e75bf1-FRA
teams-39d84c01efe361c5.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/teams-39d84c01efe361c5.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d94a22970df2a98d64662d138f8b6f1a5daa5782171d5de312fd06a850d9f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
582129
content-disposition
inline; filename="teams-39d84c01efe361c5.js"
x-vercel-id
gru1::6h5hx-1691351101531-a2b9c4bdfb5e
server
cloudflare
x-matched-path
/_next/static/chunks/pages/teams-39d84c01efe361c5.js
etag
W/"d17e5b4e50ef3573be47d9477cc64ac2"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aa998e85bf1-FRA
prebid
id5-sync.com/api/config/ Frame 3EF7 		135 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 3EF7 		0
0
id
id.crwdcntrl.net/ Frame 3EF7 		43 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.247.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-247-62.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
x-server
10.45.5.159
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 3EF7 		63 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
dc8818ab3f05897ae6608c16085d6194ebc3e120ae3acf3c68bbcea020018008

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 26 Nov 2023 22:03:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D52 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=64796
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 27 Oct 2023 22:03:28 GMT
expires
Sat, 28 Oct 2023 16:03:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9980 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-194.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 Oct 2023 22:03:27 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6224 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1085
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81ce3aaa29796adc-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 27 Oct 2023 22:03:27 GMT
expires
Sat, 28 Oct 2023 02:03:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 3EF7 		95 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/png
date
Fri, 27 Oct 2023 21:58:18 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
generate_204
tpc.googlesyndication.com/ Frame AD59 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1A94fg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 5ECD 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lo95ttjz&c=727901353091&slotId=363950676545.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 3EF7 		33 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
dde872fe6118bcfd6e6af73c59219670001dc90fc5a52845c24bc46b15727988
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 9980 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-194.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
03766113c60c5d25eafad8cdc67e574807b70422c26f95182d741020ab972326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 20:33:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80930
Connection
keep-alive
Content-Length
11052
Expires
Sat, 28 Oct 2023 20:32:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2A18
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d0d7fb08d7547fa79382cb831947edfad740c4ffecc9061f5ef4fc0ac198000

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ce3aaae835904e-FRA
content-encoding
br
content-type
text/html
date
Fri, 27 Oct 2023 22:03:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EKJSpdCkUX%2B5PCd4xb0utyyKqIjpKi358GjJSKJ%2FWQUXRriEamkzOvoYSLMECQSnYCiCvhG3XrAkkZ9hrcGF6bD5%2BSZMbaGbRGlwvbJWEamoyxdtYvuIXkF8vNK0rIpEXJP19p6R%2Fvlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ce3aaabe86bbd4-FRA
content-length
0
date
Fri, 27 Oct 2023 22:03:27 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI4csAdy7lcRA4hiH0n1OzUcWY%2BjOUWJ6lLdJKFTGZEO4Y9UumnDi%2FWyAJwHVflZTSSMoExo5qQ8N8J4zv5W1WbbS75nb2zsYl99eKQNyh7%2FK1L%2FyEg7pn1T1iZw2fmWeXz%2Fq4eNcggs5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
212.json
id5-sync.com/g/v2/ Frame 3EF7 		276 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
58675944f159bb03366620a058caccc73f8db99c00994e96b638dadd0551aed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwx4NDQ0MwA3ODAmJaVcZD1TZWgcozRiU1BfYXyypwY1M2MmM2FwZDYmMGQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9MTE2MDY3NTEmNt==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
-Zb6JuJIRZEbFGLTCoTQh17Y9Mz5N3HdDJGfkn57Y9Rn-7DL4rxS2w==
ads
securepubads.g.doubleclick.net/gampad/ Frame 5ECD 		115 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22671245338%2Ffutbolsites&description_url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&env=vp&correlator=1143668415600860&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Dwdvsfe&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4099075284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&sid=67FBD55A-AE9C-4E55-B9FC-550D0D930F7D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44806075&ref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dlt=1698444204693&idt=2425&dt=1698444207807&cookie=ID%3D308d2f0f8c1e4dbc%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MYu3bQ2peP66yA41sAPxUM9Lh0Dug&gpic=UID%3D00000caa4952bf1e%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MaODL0aDXhX8rpDJAd_zD98WePjbQ&scor=3745081227201634&ged=ve4_td3_tt1_pd3_la3000_er581.-2600.734.-2300_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84b9ce33e46b56d2618938dfa42e575f80f8a1ddf31ed0a559258892b5279c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20005
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 28 Oct 2023 22:03:27 GMT
khaos.json
token.rubiconproject.com/ Frame 9980 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
dcm
s.amazon-adsystem.com/ Frame 2A18
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Oct 2023 22:03:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V13K4CQENSYPHEXC6PSA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 Oct 2023 22:03:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VV0SR3BDT6RBA6YWGTFR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2A18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENsLMD1oV4qw8WxmpZSrAfU&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENsLMD1oV4qw8WxmpZSrAfU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCqaCc5TmnA0AmKS%2FwFQ1D0NkufOfXqikuBGIyreljV4TBEejZFnP5kG5hLkCRMsXZ5%2BpIzdlaPvQJVG%2F2Q%2BAvG2lssYfF0rRKfJue2FiY66LfQjMlWJc1OHPSJJ9opARidFig7bK7DMcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3aab88b8904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENsLMD1oV4qw8WxmpZSrAfU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2A18
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTwzr3PgpIElCasoWgOXSQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUZvnAtLJuxpwr7zyBGo-4&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUZvnAtLJuxpwr7zyBGo-4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTxbJMAbxq4YkA5TOB%2Fx06b7AVhcKLB%2Flcuq1Mo9v42My1APmzGeGu7Eih97eRFA%2FCORp25i5jtgYpF6fezo5nuTb4lu5KoJdevaeBDrifv8U7tJCwNOo94t6FvU%2Flw60hJKaB7ZQPCVYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3aaba8e5904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUZvnAtLJuxpwr7zyBGo-4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 2A18
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTwzr3PgpIElCasoWgOXSQAA%263343&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTwzr3PgpIElCasoWgOXSQAA%263343&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b63a2fc8bd904a64816f4163a2633169
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PpDxrWPl599_UvvEwiKxZZfGmuW9sNUOXLjlaw
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PpDxrWPl599_UvvEwiKxZZfGmuW9sNUOXLjlaw
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PpDxrWPl599_UvvEwiKxZZfGmuW9sNUOXLjlaw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:78e7:c13b:e422:f8d2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PpDxrWPl599_UvvEwiKxZZfGmuW9sNUOXLjlaw
Date
Fri, 27 Oct 2023 22:03:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
crum
dsum-sec.casalemedia.com/ Frame 2A18
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=rnt1kAa0n2eG09etZIkK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343&tc=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=rnt1kAa0n2eG09etZIkK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hxcdJ%2FG4O9dXT%2F3B5Ft2RT7tagGRd%2B7jWi9vuvF8ThD8fyy4dgCwb4uwqcNr0NgNLzT9u1QyPeRT18ZiNtkH5abYAg0D8o9kVuMQPQ9i%2Fa4oDegs0A%2Bqxli8MNEgkqSZk9nBef%2BFI721g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3aaba8f3904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=rnt1kAa0n2eG09etZIkK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTwzr3PgpIElCasoWgOXSQAA%263343&tc=1
pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT, Fri, 27 Oct 2023 22:03:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 2A18
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZTwzr3PgpIElCasoWgOXSQAA%263343?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTwzr3PgpIElCasoWgOXSQAA%263343
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTwzr3PgpIElCasoWgOXSQAA%263343
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
34.253.158.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-158-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v053-0da6b0dfe.edge-irl1.demdex.com 19 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
uznw5u2ZSO4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v053-0504e7d35.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Pxcd7jV2Rzg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTwzr3PgpIElCasoWgOXSQAA%263343
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 2A18
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TKVosWuDrL0Jy0FUvMOzm1N2d1uI9K%2FNjsmdcnddXqB%2FKZNxnGCR036L9JK9VlP%2F3Uoake%2BlC%2B4BSbUGU7QMSkxUku07lcBqKqGdLu%2BJavhNtoT%2B%2F8fmk%2F320%2FZleO8TXNidkwIrsECXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3aad7a3a904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Fri, 27 Oct 2023 22:03:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 2A18
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a1b8b12-ce9b-4c62-b5ba-1919f51b1ddc&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a1b8b12-ce9b-4c62-b5ba-1919f51b1ddc&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJGiw88NBykYpFlAiH7zEp%2BH4WieFqi8bDelO%2FC2yidV5iCPXTsSS9ophDuETag8ztyKNyfb2dNUo%2FK%2F4frKpfKV8kj4s2Ld4i52vYars%2BWpzR2evD9U2OdchyqT9yu3AmzcEOGxzYkhnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3aab98ce904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a1b8b12-ce9b-4c62-b5ba-1919f51b1ddc&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 27 Oct 2023 22:03:27 GMT
server
_
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2A18 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTwzr3PgpIElCasoWgOXSQAA%263343
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
397
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81ce3aab3a526adc-FRA
content-length
43
expires
Sat, 28 Oct 2023 22:03:27 GMT
projections-55fc3d09697af711.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/projections-55fc3d09697af711.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d3bb19645c6af96a0180f8eb4067f9133d372c078877ff2bc4ee006ed636a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
137498
content-disposition
inline; filename="projections-55fc3d09697af711.js"
x-vercel-id
fra1::65rrv-1698306709016-32dce8d23cd0
server
cloudflare
x-matched-path
/_next/static/chunks/pages/projections-55fc3d09697af711.js
etag
W/"9ac59e13eaed3ad159a8f5e412c5782d"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81ce3aab3a235bf1-FRA
syncframe
gum.criteo.com/ Frame 352A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailyfaceoff.com
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 22:03:27 GMT
server
Kestrel
server-processing-duration-in-ticks
310173
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 28 Oct 2023 22:03:27 GMT
sid
mug.criteo.com/ Frame 352A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dailyfaceoff.com&sn=ChromeSyncframe&so=0&topUrl=www.dailyfaceoff.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=i39id3xvaC9jR2NDQzNKK1habFNMUlRPQWxYN1phOUlORU9hVTV0ODBPTXRlbzlKSGN6MldGK3lhbWxFdFFCSEVXUEVIYjdLV2dFdm1LQzNOdGQzbjZTcjlQK1JLa0RKMWcxQjBNWHBTVkhJdmJhUHFEUDhzVkJrc25OWU...
463 B
690 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=i39id3xvaC9jR2NDQzNKK1habFNMUlRPQWxYN1phOUlORU9hVTV0ODBPTXRlbzlKSGN6MldGK3lhbWxFdFFCSEVXUEVIYjdLV2dFdm1LQzNOdGQzbjZTcjlQK1JLa0RKMWcxQjBNWHBTVkhJdmJhUHFEUDhzVkJrc25OWUpTc3N2NENESU85K0IrK05Odk9TazZOaUtQc3lWaGpFT3I4THRwRjVqNXd0Vlh5RDdCWkZQYlBmTXoyT3ZVQXFPRis2ZFVXcWJoTHE0bU5mZGtzbWIxTWdpY29KaVlvMVVCRGt4ZXZkdldKT3RZeXpBWmdKdGk3TkI3U2d0UzBkZGc2Sk5iSDJPZjR4VmpVNjUxd1BYc1UwNkdTVEJZSjdNNWIvajFDY3RTWkdJZlJpY0VBWT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4c26159db4251ab0d14fc6a849a6411ddc16ffb0cdd54a09e8a03ed9f6993f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1108892
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=i39id3xvaC9jR2NDQzNKK1habFNMUlRPQWxYN1phOUlORU9hVTV0ODBPTXRlbzlKSGN6MldGK3lhbWxFdFFCSEVXUEVIYjdLV2dFdm1LQzNOdGQzbjZTcjlQK1JLa0RKMWcxQjBNWHBTVkhJdmJhUHFEUDhzVkJrc25OWUpTc3N2NENESU85K0IrK05Odk9TazZOaUtQc3lWaGpFT3I4THRwRjVqNXd0Vlh5RDdCWkZQYlBmTXoyT3ZVQXFPRis2ZFVXcWJoTHE0bU5mZGtzbWIxTWdpY29KaVlvMVVCRGt4ZXZkdldKT3RZeXpBWmdKdGk3TkI3U2d0UzBkZGc2Sk5iSDJPZjR4VmpVNjUxd1BYc1UwNkdTVEJZSjdNNWIvajFDY3RTWkdJZlJpY0VBWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
296708
content-length
0
expires
0
csi
csi.gstatic.com/ Frame 5ECD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lo95tu0s&c=727901353091&slotId=363950676545.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802463%2C44806075&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=0&ytext_hd=1&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5ECD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lo95tudn&c=727901353091&slotId=363950676545.5&qqid=CKT9t92dl4IDFWiLgwcd5HwEFw&gqid=rzM8Zbz0MdSRjuwPnPCbOA&fb=ima_html5-lima&sdkv=h.3.599.0&mrd=4&aab=0&itv=1&met.4=ghmsh_s.lo95tudv~ghmsh_s.lo95tudw&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=rynfzjBT0iMi9O1-
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI2JaNypaZypyRcoWU9MTY5ODQ0NDIjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE2NwAmMTI2Jat9NwU2Jax9MmY5Jz1mqGE9MTplNTU1NDAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow13q3phZGFcoHyzYWNyo2ZzLzNioSZmqWJJZD13q3phZGFcoHyzYWNyo2ZzLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9ZaV0Yz9fp2y0ZXMzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZlqz49MwIkMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZmp3BsYWRioT0zpGkuY2VgZW50U3RlZWFgVHyjZT0kJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMDtkNmUzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0lMDx5NDUmODE3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-id
EJbT7Y5VRjjikxVtbHgprVKOsRpHVnY629xFRKrg0j1ApUdTtNwS-w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQkJaNypaZypyRcoWU9MTY5ODQ0NDIjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE2NwAmMTI2Jat9NwU2Jax9MmY5Jz1mqGE9MTplNTU1NDAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow13q3phZGFcoHyzYWNyo2ZzLzNioSZmqWJJZD13q3phZGFcoHyzYWNyo2ZzLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9ZaV0Yz9fp2y0ZXMzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZlqz49MwIkMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZmp3BsYWRioT0zpGkuY2VgZW50U3RlZWFgVHyjZT0kJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMDtkNmYzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0lMDUjMwM0NmQ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
L4Vp5Vr4JygGpKUiF5AFwZdIXMgCDJZnthPipeQjRnpFTNmLUstPDw==
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 5ECD 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1320774679920841
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:30:11 GMT
x-content-type-options
nosniff
age
1997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 22:20:11 GMT
APkrFKaTkYl0ISeJfdQOfrXEVXR7508EUZ4IPkOXq3_xPA=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5ECD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKaTkYl0ISeJfdQOfrXEVXR7508EUZ4IPkOXq3_xPA=s48-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cab9e938cdad5a79fc01a94c8f53908163808402687a450311fd74d0d517ea01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 21:20:12 GMT
x-content-type-options
nosniff
age
2596
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1633
x-xss-protection
0
server
fife
etag
"v17f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 28 Oct 2023 21:20:12 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CvF7jrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAGgBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&sigh=_AElX9FZtWk&label=show_ad&sdkv=h.3.599.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwODA0Njc1MjA1MjIMNjc3MzE0NDg3Njk0QMQCUiMQDyUAAKBBKAE6CzZEdWpMZGRzeGFnQglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwxzvrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBOACT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrFqARgRbwIPzWlcPTwBi5IZ--Afyzw9wD0yT0IdQnEaRNihV591x3cjVjRjLAtC-wCi5uiceionCFUzcmitfYmCVsON9bN9ciyWh3lSelbUQvty1lpeSReS_2nfRGppkvoybq2QV9LhgUheKtsZZse2yQFzuXfD6TlSnVDoYKoaJUHhgr-mfp_QMLTamAulAK7UNND83kapavKXjvMw875TKtGLR4c1tlQSlKTjK3269UJzjCad77G9Zyo1HnE4KcUCy5xuhoCF8uJsE6oLlQh8ULDVxyHkTGD88zWHdDNe0xXHv4Rhjw4HgmPtKeD76S9wWn0F548IkuHHLkJQLrlMmJ_Qj9Fi2y9aUc61LgqMAE992wssoE4AQBiAXfzLT3TJIFEwgSEAUYDzCoi7O73eXonegBUAGgBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDU216oCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zMzIyMDQxOTE3Nzc3OTk2mglpaHR0cHM6Ly93d3cuYXVkaWJsZS5kZS9jYXQvS3JpbWlzLVRocmlsbGVyLUhvZXJidWVjaGVyLzE2MjA5OTEwMDMxP3NvdXJjZV9jb2RlPURBV1BQMzBEVFJJQUw0MzkwOTE5MjMwMDVSgAoDyAsB4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFcITBhij-_SsKdgTAtgUAdAVAZgWAagWAYAXAbIXHgocCAASFHB1Yi05Nzg1ODM1NDcyNjU3ODA1GK3XbQ&sigh=Ji6QuHWxV98&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&vt=10&sdkv=h.3.599.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwODA0Njc1MjA1MjIMNjc3MzE0NDg3Njk0QMQCUiMQDyUAAKBBKAE6CzZEdWpMZGRzeGFnQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 3EF7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lo95ttbz&c=727901353091&slotId=363950676545.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3D52 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80638720&p=159835&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f4033c8654d891b70f8402d7b2c19752ad70f943c9d05151abce2d3e2507c6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 27 Oct 2023 22:03:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
videoplayback
rr4---sn-4g5lznle.googlevideo.com/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-4g5lznle.googlevideo.com/videoplayback?expire=1698473008&ei=sDM8ZZzQBIq36dsPvMil2AI&ip=2001:ac8:20:3a00:1012:d5e0:a20f:6753&id=e83ba32dd76cc5a8&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=FD&mm=31&mn=sn-4g5lznle&ms=au&mv=m&mvi=4&pl=49&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1697676290816875&mt=1698443881&cpn=rynfzjBT0iMi9O1-&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AGM4YrMwRQIgT6cT1gPx82XGHXOeEfA-7NwRAVouFB_HYSHJT5H7NgYCIQDvsAt_aiep7JbMYuRjgPC13rS_2Ug1_SXXdmbn4HosIQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRAIgWdPfenKFfiW7pmXx1b43eTSv7WmxG14s1y9Uu3VEEmECIDPQex3LF1hN-_c1k8dHWUpiV6AxpgAgmyOTgMsMLcoq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:1d::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
8146d40c6b1a268cd9d07ec4b96c79c4912c7c96a57224448e826332109ca9d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyfaceoff.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 27 Oct 2023 22:03:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 19 Oct 2023 00:44:50 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1338914/1338915
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1338915
Expires
Fri, 27 Oct 2023 22:03:28 GMT
csi
csi.gstatic.com/ Frame 5ECD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lo95tue8&c=727901353091&slotId=363950676545.5&qqid=CKT9t92dl4IDFWiLgwcd5HwEFw&gqid=rzM8Zbz0MdSRjuwPnPCbOA&fb=ima_html5-lima&sdkv=h.3.599.0&mrd=4&aab=0&itv=1&ua_e=1&met.4=ghmsh_s.lo95tuea~vss_tr.12l
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D4EF 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7838&pub_id=997666&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7838&pub_id=997666
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:28 GMT
an-x-request-uuid
c696359e-fb2a-4aba-ad2c-056ba5d62530
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5103 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 27 Oct 2023 22:03:29 GMT
ETag
"623de86a-cf34"
Expires
Sat, 28 Oct 2023 22:03:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
isyn
prebid.a-mo.net/ Frame 947E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 27 Oct 2023 22:03:29 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F5B0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=64795
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Sat, 28 Oct 2023 16:03:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 25C3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 27 Oct 2023 22:03:29 GMT
ETag
"623de86a-cf34"
Expires
Sat, 28 Oct 2023 22:03:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
pd
futbolsites-d.openx.net/w/1.0/ Frame 1922 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futbolsites-d.openx.net/w/1.0/pd
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 27 Oct 2023 22:03:29 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame E30C 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 27 Oct 2023 22:03:29 GMT
usync.html
eus.rubiconproject.com/ Frame 5FBF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-194.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 Oct 2023 22:03:29 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6C72 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1087
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81ce3ab66db16adc-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Sat, 28 Oct 2023 02:03:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 5797 		61 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=30846396
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 27 Oct 2023 21:58:20 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4
beacon
ap.lijit.com/ Frame EB9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13418490
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 27 Oct 2023 22:03:29 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
Pug
simage2.pubmatic.com/AdServer/ Frame 20E1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Fri, 27 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
668422
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AC61 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B25261B6-EDE2-464E-8639-81237415D144&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 27 Oct 2023 22:03:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CP7SV05HSBG3MJH2FDCH
Pug
image2.pubmatic.com/AdServer/ Frame 2A5D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW
42 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 088B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8287462243405912418&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8287462243405912418&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
58baf68e-4dfa-4613-bc13-1c84ad2cef94
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8287462243405912418&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 240C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294762331752626332&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294762331752626332&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 27 Oct 2023 22:03:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294762331752626332&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame E398
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c8c7873d-751d-41d7-8ec2-a3e6b8637830&expires=1&user_group=2&ssp=pubmatic&bsw_param=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 27 Oct 2023 22:03:29 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 140B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bc8HxRBXXpNR-zWPr5lWHS2NmE0&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bc8HxRBXXpNR-zWPr5lWHS2NmE0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 27 Oct 2023 22:03:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=bc8HxRBXXpNR-zWPr5lWHS2NmE0&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame B9F6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTwzsQAACwH_FAAg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 27 Oct 2023 22:03:30 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230042-FRA
x-timer
S1698444210.933178,VS0,VE90

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 27 Oct 2023 22:03:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTwzsQAACwH_FAAg
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230042-FRA
x-timer
S1698444210.834391,VS0,VE90
Pug
image2.pubmatic.com/AdServer/ Frame EA44
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEOXBVN0tlR2NBQUJkdWg5dWtYZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAD9pU7KeGcAABduh9ukXg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD9pU7KeGcAABduh9ukXg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAD9pU7KeGcAABduh9ukXg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2241806176921324299&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9pU7KeGcAABduh9ukXg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9pU7KeGcAABduh9ukXg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 27 Oct 2023 22:03:30 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD9pU7KeGcAABduh9ukXg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3D0E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 27 Oct 2023 22:03:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame E864
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU17cce391a7f648d1ba482c07500c3f38
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU17cce391a7f648d1ba482c07500c3f38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU17cce391a7f648d1ba482c07500c3f38
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 5A3A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Fri, 27 Oct 2023 22:03:29 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame DDEA 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 27 Oct 2023 22:03:29 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
Pug
image2.pubmatic.com/AdServer/ Frame D675
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4935152712030784535
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4935152712030784535
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4935152712030784535
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 5C5A 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 27 Oct 2023 22:03:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame F2A7
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329214744540
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329214744540
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 27 Oct 2023 22:03:29 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329214744540
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 53B4 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 27 Oct 2023 22:03:29 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-016da08bedc3@version_1.575
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 1D10 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 3298
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0a55622d38d4c33c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagVVUXXQYSQWjYYj&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagVVUXXQYSQWjYYj&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagVVUXXQYSQWjYYj&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=slJhtu3iRk6GOYEjdBXRRA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:30 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=64794
accept-ranges
bytes
content-length
5606
expires
Sat, 28 Oct 2023 16:03:24 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3D52 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.223.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-223-222.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.218
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 3D52
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1064245090
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B25261B6-EDE2-464E-8639-81237415D144
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B25261B6-EDE2-464E-8639-81237415D144
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
via
1.1 google
last-modified
Fri, 27 Oct 2023 22:03:30 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B25261B6-EDE2-464E-8639-81237415D144
date
Fri, 27 Oct 2023 22:03:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 3D52
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B25261B6-EDE2-464E-8639-81237415D144
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTAyYldFU3pEZnFTNi1VY3hUd211MUwwZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8955987516037424013&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.72.74.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-74-77.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:30 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 27 Oct 2023 22:03:30 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3D52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjI1MjYxQjYtRURFMi00NjRFLTg2MzktODEyMzc0MTVEMTQ0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3D52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5y3aCKxvcXpCVUddbRxSo&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5y3aCKxvcXpCVUddbRxSo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5y3aCKxvcXpCVUddbRxSo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3D52 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 26 Oct 2023 22:03:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3D52
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8955987516037424013
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8955987516037424013
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8955987516037424013
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3D52 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
B25261B6-EDE2-464E-8639-81237415D144
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3D52 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B25261B6-EDE2-464E-8639-81237415D144?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 3D52 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B25261B6-EDE2-464E-8639-81237415D144&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3D52 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3D52
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4294739934230002354&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4294739934230002354&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4294739934230002354&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3D52 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D52
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5eab5d25-134c-4cbf-9beb-a7c140b66514&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5eab5d25-134c-4cbf-9beb-a7c140b66514&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5eab5d25-134c-4cbf-9beb-a7c140b66514&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 27 Oct 2023 22:03:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180103&jk=2420201654124190&bg=!wcKlwo3NAAbo5yKYyOc7ADQBe5WfOP66-uWQrJDD1Y3iG_YJUCiYmuK5hc2nztsgrNIbkYznE2Pb46d-IsX5xeUVz3QTAgAAAaFSAAAABGgBB5kCtAIZHFW3ElNYBONNjd_7VqLpISnSC26jCFR7CtKxHILGTWsmAvUXELNM3Y6IhiAlYO9Cm9mcuGlRjAjl8JAM2eJ2NU-f-JJ_7huYdZLSxmsa8CCTlED35a3zvrmVJB-uwBhyVdiK372MXQ3_wJBBhFgwCeNlo3Hjg9Ct3tPIMeCN-fIR0ZK7mJsuj9ACsPBpQE3mDk9klZhUAFBbs7IqAJfd6sLiA9I4OD9Kx_51t_J9pKF5dznzYuwbN2R-SOmSru4cUt7y51YlF3RPZmMX9kZmLGIhgykAcpiyEmVconuvUxTc9tJM6X3igm1E6lJLAvV6-cNcYQha6lPRX4MLPiPJxFj3zTidqX5ZVmnLIiJQZTU3GSYXq_7SBeQifvD5FW9UUOcuCC0jPa6Bog8od5i1aDI37uad7iY-CAd_UzQbLWown3zeEAdIsgvuKb-aiijx537Cv67S-TKbgujSBzOD8THkOoIh9v8XVOLKedXMm3J8USGc_aENFopibVCfNGHBLl82ua0PfkrNZmFECicLNHbvyEsT8-XPbzhG7Dbwg3mu6I8FiGB0xKAiE2ESnHC0nwqOK59iZCA0_GTxLpaVwu8_tvDNTE3WfZ2hBW8zADcD_LY_3ir1wUd9hvkwCrXtYihcyVpbHKQMJeJFCafnjTrbLorVllVbNf6pN0Phd0w6PdviJMoUg43r2kZ2CfKyD9Tj1lRtlFpYVGJdT6WtgcmO-4UWUO7oc_-_dfy7uiY0vzZchR1rJOaulkLpVSz-UqJn35dHBtIagB_ztIz5SYPSTpZa067Mv16wxO0r6xKkBtdNJR2PVhi5vZ16VZOcQAnnfrb__abuadsNC6zqT3jDH1QyUFIaGVnwtUzuKDw1wOOAS0MsFFx-xaGcNw2R8DGZbtiGMLxBfiWy1icP9tp-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 5FBF 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-194.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
03766113c60c5d25eafad8cdc67e574807b70422c26f95182d741020ab972326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 20:33:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80927
Connection
keep-alive
Content-Length
11052
Expires
Sat, 28 Oct 2023 20:32:17 GMT
async_usersync
ib.adnxs.com/ Frame 5103 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:30 GMT
an-x-request-uuid
d0da60d6-7aa2-4f16-a5ca-9f00c44845bb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 25C3 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:30 GMT
an-x-request-uuid
a04949ca-8bfa-4780-97c0-0f933e9a145f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E062 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327119fd40afcac838ef7d83e3f2dc4441219f4eadf4d8ed87e191bf71cfe182

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ce3abdbd44904e-FRA
content-encoding
br
content-type
text/html
date
Fri, 27 Oct 2023 22:03:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmyggYDInv5IzSTlXXXhFOlD4I%2BDDN8JEfl2T1gX97rup%2B9eNOKtDvI%2FIkCaAqH3r%2FIu7QpavGUJqh1ychTgmwHqhaKr3s56l5MYi23%2F%2BwiZBkBoDkHpBg%2F0jRpDiqmNSsjKCnonj2k7eg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CvF7jrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAGgBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&sigh=_AElX9FZtWk&label=video_ad_loaded&sdkv=h.3.599.0&vci=CpUBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlIjEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 5FBF 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
31327
i.liadm.com/s/ Frame E062 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTwzr3PgpIElCasoWgOXSQAA%263343&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.64.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-64-161.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 22:03:31 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
casale
match.adsrvr.org/track/cmf/ Frame E062 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:31 GMT
server
Kestrel
content-length
70
content-type
image/gif
ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E062 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZTwzr3PgpIElCasoWgOXSQAADQ8AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame E062
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8287462243405912418
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8287462243405912418
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiUW9exZOv5j9jsOWwx0JW1tXqKJKkHRl4OZkPG5gHyS2zQYSFvWShhFqcJ9UOkyCQpdHNsu4hiMWRxycF0p%2BB36xv4m7yynF4G4fQLFH7c9O%2FMIJaqocDCfu2ei5vJQJJxnhqWaKJX8Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3ac3a8f0904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
an-x-request-uuid
f54d587e-52da-4555-a542-4df71f33e5b4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8287462243405912418
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E062
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pd3CufmI1QWuVt5
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pd3CufmI1QWuVt5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1Wt4XsoYcWbnDuOS4hwdQG4g6qqLpe4PEN832wGsHeYEzD8mxUKjUwYMvPR1imDAAEzvnulods7s7fmCzgQNCKIeeiXBfGmAPijiDt8toY4jVFuZ31E9C54eyhzoQZfaKUUSEWtgzV%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3ac60a5c904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 27 Oct 2023 22:03:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0273dffb27b62012f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=pd3CufmI1QWuVt5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E062
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTwzsQAACwH_FAAg
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTwzsQAACwH_FAAg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkOMwyczrUuk1rCb3uxROjfad7%2BAEgfGgzjp3ZkmA%2FXDyquGcPicY%2BdrPzW0BRxqrAnyCkKWDT%2BSNzOCVvPvDfdnuynpMvyjnYp%2F5W2w88RLw1x3juiONrM0BYZ0aHT%2B0bFW5mdTktUyQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3ac5fa4c904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230042-FRA
pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698444212.792034,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTwzsQAACwH_FAAg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E062
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322329214744540
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322329214744540
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2xgAoYbrSp4gBM7sY3G9hOXNbG5WAh6qfI5vZVRNO0iLlsAkxImj7LsT7t%2FFzwt93BkER3mooGsNybqzTV0JZy35NpsFGG%2F1Vp1O03LpQE8QI2e4e84H2VXjUTnbYIP82wiZ1RiLJh0Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3ac5fa4d904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322329214744540
Date
Fri, 27 Oct 2023 22:03:31 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame E062
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=aa3f65c769374df89b1ce0ac593ef81a&expiration=1701036211
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=aa3f65c769374df89b1ce0ac593ef81a&expiration=1701036211
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS3fsrGZtknuSu3qLRWGs4M8XWNmdV4a8Uz54xdG3wRKP9elrUStG7HsqHiTMTeYHwS5d5ZLTinUifvh5%2FztkBhEdGJzm99uQdegXorjW9rYEphP1sWL3RShjuEMUw1ORNOogsGSpj9m1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ce3ac5fa4f904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=aa3f65c769374df89b1ce0ac593ef81a&expiration=1701036211
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame E062 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTwzr3PgpIElCasoWgOXSQAA%263343
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
401
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81ce3ac3ba3f6adc-FRA
content-length
43
expires
Sat, 28 Oct 2023 22:03:31 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5ECD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwxzvrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBOACT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrFqARgRbwIPzWlcPTwBi5IZ--Afyzw9wD0yT0IdQnEaRNihV591x3cjVjRjLAtC-wCi5uiceionCFUzcmitfYmCVsON9bN9ciyWh3lSelbUQvty1lpeSReS_2nfRGppkvoybq2QV9LhgUheKtsZZse2yQFzuXfD6TlSnVDoYKoaJUHhgr-mfp_QMLTamAulAK7UNND83kapavKXjvMw875TKtGLR4c1tlQSlKTjK3269UJzjCad77G9Zyo1HnE4KcUCy5xuhoCF8uJsE6oLlQh8ULDVxyHkTGD88zWHdDNe0xXHv4Rhjw4HgmPtKeD76S9wWn0F548IkuHHLkJQLrlMmJ_Qj9Fi2y9aUc61LgqMAE992wssoE4AQBiAXfzLT3TJIFEwgSEAUYDzCoi7O73eXonegBUAGgBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDU216oCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zMzIyMDQxOTE3Nzc3OTk2mglpaHR0cHM6Ly93d3cuYXVkaWJsZS5kZS9jYXQvS3JpbWlzLVRocmlsbGVyLUhvZXJidWVjaGVyLzE2MjA5OTEwMDMxP3NvdXJjZV9jb2RlPURBV1BQMzBEVFJJQUw0MzkwOTE5MjMwMDVSgAoDyAsB4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFcITBhij-_SsKdgTAtgUAdAVAZgWAagWAYAXAbIXHgocCAASFHB1Yi05Nzg1ODM1NDcyNjU3ODA1GK3XbQ&sigh=Ji6QuHWxV98&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&sdkv=h.3.599.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
B30829935.378629896;dc_pre=CKm7rd-dl4IDFarVEQgdjhsKeA;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/ Frame 5ECD
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896;dc_pre=CKm7rd-dl4IDFarVEQgdjhsKeA;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rd...
42 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896;dc_pre=CKm7rd-dl4IDFarVEQgdjhsKeA;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=4
Protocol
H2
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896;dc_pre=CKm7rd-dl4IDFarVEQgdjhsKeA;dc_trk_aid=569609914;dc_trk_cid=202625982;ord=1230045539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=4
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 5ECD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 21:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 21:07:27 GMT
B29377387.361896605;dc_trk_aid=553026232;dc_trk_cid=188456240;dc_dbm_token=AD1EzRQAAAA6CjQKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQI38y090yoAsSDqrYEsAKG3-_jA0A7EN3Ib8teY2yytf2C_oFikrNhCdA=;ord=16366...
ad.doubleclick.net/ddm/trackimp/N1884730.279382BIDMANAGER_DFASIT/ Frame 5ECD 		42 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1884730.279382BIDMANAGER_DFASIT/B29377387.361896605;dc_trk_aid=553026232;dc_trk_cid=188456240;dc_dbm_token=AD1EzRQAAAA6CjQKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQI38y090yoAsSDqrYEsAKG3-_jA0A7EN3Ib8teY2yytf2C_oFikrNhCdA=;ord=1636633556;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1;dc_exteid=1110824260793765247;dc_av=66056;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=vast_creativeview&ad_mt=0&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=1110824260793765247&acvw=sv%3D958%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D581,-2600,950,-1944%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444211761%26pngs%3D9,14,15%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1698444208182?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=part2viewed&ad_mt=0&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D958%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D581,-2600,950,-1944%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D958%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D581,-2600,950,-1944%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444211762%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1698444208182?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=admute&ad_mt=0&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D958%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D581,-2600,950,-1944%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D958%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D581,-2600,950,-1944%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D442%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D442%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D442%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444211766%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1698444208182?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3D52 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159835&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 3D52 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4563702&p=159835&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6b82cf647adadca17e7bff6a803d9a34f1918256c2d8625a5461c639c4468591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 27 Oct 2023 22:03:30 GMT
content-length
1661
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTAzp2VlqzVlVGygZT0kNwx4NDQ0MwA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD02NTYzrT0mNwxzoXN0YT0kNmI1NTU0MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT1zqXRvo2kmnXRyplZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMwM4NUYmMDMkN0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2EjMCUmQTEjMTIyM0FxNWUjJTNBYTIjZvUmQTY3NTMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE4LwAhNTx5Ml4kMTpyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1M2MmM2FwYwY4ODpzpaZhPTIlMTAzY29hqGVhqEZcoGVJZD0mNmtkODxmJz1yZGyuUGkurUkcp3RJZD0kNDEjNvZgZWRcYUkcp3RJZD0mNTplNvZcp0V4Y2k1ZGVGpz9gT3B0PTAznXNDYWNbZWRCnWQ9MCZwo250ZW50TWF0Y2uUrXByPSZmp3BsYWRioT0zpGkuY2VgZW50U3RlZWFgVHyjZT0kJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMTIkNwpzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0lMTE5MDpkODI1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
ebiQFX4oZvDDY29to09L--Xzd2AhocPrtv39gnJh1EEZ8dl09RrZzg==
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTpzp2VlqzVlVGygZT0kNwx4NDQ0MwA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD02NTYzrT0mNwxzoXN0YT0kNmI1NTU0MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT1zqXRvo2kmnXRyplZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTNuMDAyM0EkMDElJTNBZDVyMCUmQWElMGYyM0E2NmUmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkOC4jLwU5OTMhMTE3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTNwMmNuY2I2ODt3JaJ2ow0lMwEjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMTIkNmUzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0kNwtmNwp0NTx=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:31 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
U6Tm0pUuqjmfa95jYySwYdaJ6Ugl8pK7pM-xGIdOwIoeJWMukHknsg==
async_usersync
ib.adnxs.com/ Frame 5103 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
an-x-request-uuid
2be475be-112c-4856-ae82-d6555dc8ae75
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 25C3 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
an-x-request-uuid
2b8fae61-2ece-405f-91b2-d34e473e1b54
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WYFDLPLCRR&gtm=45je3ap0v894180707&_p=1222580907&gcd=11l1l1l1l1&cid=137208439.1698444205&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1698444204&sct=1&seg=0&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dt=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&en=ad_impression&ep.query_id=CLPR5dydl4IDFQfXuwgd4yMGzA&_et=1933
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame 5ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44772139%2C44777649%2C44781409%2C44802463%2C44806075&el=adunit&cpn=rynfzjBT0iMi9O1-&docid=6DujLddsxag&visitordata=CgtuNC04LXFmVmlNaw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=1.306&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.dailyfaceoff.com%2F&len=20.016&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=118.0.5993.117&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=18&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		707 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
591d804fde68bca3eb9c2890ca13269d32e69b934015c835c58bf3fbcbc0882a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 11:06:49 GMT
via
1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
39404
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
707
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"16dedd9843ebf0f8b6bc64ecaf782f56"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
1IFqF0NW5JVS1maIef3Dcntraxcgq5oEbRvU8HzuWd5tGveo_csEJA==
expires
Sat, 28 Oct 2023 11:06:49 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 37BC 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49788
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 08:13:45 GMT
expires
Sat, 26 Oct 2024 08:13:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODQjJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMTM5OTYzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0kNTQ2MwY5OTUl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:33 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
xIX3-Nx3bcmv96WTJfOsVmRuf4gL8ilVmeSwrsH9_hUEMNeQNai4jw==
match
c1.adform.net/serving/cookie/ Frame FAAB 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 27 Oct 2023 22:03:34 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame E212
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81ce3ad2e9385d7a-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81ce3ad1c82c5d7a-FRA
content-type
text/html
date
Fri, 27 Oct 2023 22:03:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
373
pubmatic
ad.mrtnsvr.com/sync/ Frame 998C 		0
0
pub
matching.truffle.bid/sync/ Frame 202D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 27 Oct 2023 22:03:34 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 927C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4FC39DCB3D064A649B7E8557A4C3A953&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4FC39DCB3D064A649B7E8557A4C3A953&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:03:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 27 Oct 2023 22:03:34 GMT
expires
Thu, 26 Oct 2023 22:03:34 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4FC39DCB3D064A649B7E8557A4C3A953&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame C07E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1698444214060
  • https://ad.turn.com/r/cs?pid=45&rndcb=1552421305
  • https://sync.1rx.io/usersync/turn/4294739934230002354?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Fri, 27 Oct 2023 22:03:34 GMT
etag
RX7fce20dc2c10457e9a01fe8e7009987b003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
mw
mwzeom.zeotap.com/ Frame 3D52 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B25261B6-EDE2-464E-8639-81237415D144
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81ce3ad1cc950493-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 3D52
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B25261B6-EDE2-464E-8639-81237415D144&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B25261B6-EDE2-464E-8639-81237415D144&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B25261B6-EDE2-464E-8639-81237415D144&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:46 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:45 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B25261B6-EDE2-464E-8639-81237415D144&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
52799
stags.bluekai.com/site/ Frame 3D52
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent=
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=6d76c542e1871a3f
62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/52799?id=6d76c542e1871a3f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 27 Oct 2023 22:03:34 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=6d76c542e1871a3f
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D52
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8287462243405912418
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8287462243405912418
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 27 Oct 2023 22:03:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:34 GMT
an-x-request-uuid
7cb14726-da4c-4353-b122-8b11e4fe83c3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8287462243405912418
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODI5JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMTQjMwYzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD01MwI3OTMlMmE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:33 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
vG849F-K7UEuzfrLkUPvLItqCpUfHpr3ya9Hf8AHXf-L38B-Dty5TA==
PugMaster
image6.pubmatic.com/AdServer/ Frame F5B0 		47 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23372256&p=159835&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 27 Oct 2023 22:03:33 GMT
content-length
47
content-type
text/html; charset=UTF-8
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		257 KB
258 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
adc7b78ad3e891ff65e5f879e620b87323a1eb02daa64084d76c3f5d626184cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:16:58 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
56795
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
262824
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"1f1de934167ad5072d2d8bd62683f3f5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
45TZfWtoNVsdkCm_DSiME32QZH6yiseRBl7FNcdGCIhql_ZEexFS8w==
expires
Fri, 10 Nov 2023 06:16:58 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTEmJaNypaZypyRcoWU9MTY5ODQ0NDIjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE2NwAmMTI2Jat9NwU2Jax9MmY5Jz1mqGE9MTplNTU1NDAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow13q3phZGFcoHyzYWNyo2ZzLzNioSZmqWJJZD13q3phZGFcoHyzYWNyo2ZzLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9ZaV0Yz9fp2y0ZXMzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZlqz49MwIkMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZmp3BsYWRioT0zpGkuY2VgZW50U3RlZWFgVHyjZT0kJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMTQ2NDxzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0kMmYkMmt2MmU3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:34 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
OGVYQ1G8GHeuuyfkyq5zKmt2kfEsw1Sww0jIEjOR-JB5jfp8j3l2sA==
5ea84e9a-3a15-46d8-a9a9-bad9e4760b5f
https://www.dailyfaceoff.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyfaceoff.com/5ea84e9a-3a15-46d8-a9a9-bad9e4760b5f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 37BC 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
37072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 11:45:42 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=1110824260793765247&acvw=sv%3D958%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D2514,0,0,0,0%26mtos%3D2514,2514,2514,2514,2514%26amtos%3D0,0,0,0,0%26mcvt%3D2514%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4551%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1230%26pst%3D2037%26dur%3D20015%26vmtime%3D4667%26dtos%3D2514%26dtoss%3D1%26dvs%3D2514%26dfvs%3D2514%26dvpt%3D4109%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147483618%26psv%3D30%26psfv%3D30%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444215876%26pngs%3D9,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2514,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1698444208182?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3D52 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159835&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime25&ad_mt=5330&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D958%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D3134,0,0,0,0%26mtos%3D3134,3134,3134,313...
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D958%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D3134,0,0,0,0%26mtos%3D3134,3134,3134,3134,3134%26amtos%3D0,0,0,0,0%26mcvt%3D3134%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5171%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1849%26pst%3D2037%26dur%3D20015%26vmtime%3D5329%26dtos%3D620%26dtoss%3D2%26dvs%3D620%26dfvs%3D620%26dvpt%3D620%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3134,3134,3134,3134,3134%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147483586%26psv%3D62%26psfv%3D62%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444216496%26pngs%3D9s,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3134,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1698444208182?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=video_skip_shown&ad_mt=5330&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 Oct 2023 22:03:37 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.599.0&bgai=BvNO6rzM8ZeTpM-iWjuwP5PmRuAEAAAAAOAG6BRMI_Ie23Z2XggMV1IiDBx0c-AYH&bg=!BQalBknNAAbo5yKYyOc7ADQBe5WfOBlF48mN1Yx3yA0tPHelELH7YNXO9_sqWEA3Mu8UDqDmfu_hjCNOL3TBXMOKePkQAgAACgVSAAAAAmgBBwoBRLzV5KHHT8CWOjSEwcDSuHmPEZeAqiluuw264uGybMEp9poogTfHLb1XO4y0UKDsznCIA_ILp3lpqI0bbeuBTgi61DP0Y_3Y--HofN-7JBAQGK8hXBPIFa2dyXw8I3ze5VQ-zuFOPnB4zop2ZNDjAOQ6HxkCVxMWAOWK_usj7S5qV4NAb9cNNLxTrUCedQrSJ52NsaPjDzs6ToKMFO62Vg2htOGbscx8UgZzLmWM-SWpN-8m2xJ4CU_YMpJHl8jvA6-Y0blktcRt1IVCOk5-IkIW4nuZA6_OA3yfXvElE0BPzcfFDWwljy4PFDle3yTZt0jpc-SaAEFTj1K3hsjoG_0IQUtG4_E3waJTv7XVNfIAONXwgt3nlemAbpPBcmsLERUew92bHMTiV9nW5nzM4M5PZTd9L_4YWYFO7IRwXaSLsmiRm5kCP-mPvsMNTvTj6_JkS3VVxNPU0UzghXZoMdLjp9f-ga8hUZscFHftSCIDsz6VFBhOuBHk9NZa6MtK8Y8H7uYns87jgQe0oUjdF791mNedkbB05amPTDzXU-KRCpnqw1F4TRPQHFPPZliMcfuU7VsS9NXYIJJdfcwXKAqkxIwBgypuzgcjWlje57klNQ1UDsd4hDxjIcLULTllLa0JiB13GhvaxaDjxweDpBoHlI2Jc1sMXoDg2zJYeDjAV8nRd4SEs7HAnY8oW9VqUAxRWaJOsPjhxDQLvatDmDbuvujxA0txs_z0sAzL5O3Ku7Qhv4x3FV_a0hD5whSAJ2DXaEkt3zhx5zdx5YeIBboAVQ0-sGl_H7cZELOZgQzsIy4P69ahWpUm8mTZeB1zUKs9rdf4D4FbnpoD79PfuJwu1h7j3WFpfwb81_rOhY-t2ZHPBKcWpJKLP1JexDvkxEgc_Cx-7W8GDF9uHHX5u3hND0IWmATkt5FblF3OK3ENQv-J2iIzUfsKO5dTafk-tkswHYBO7VsZfs1GaBNCDlGvGPzUfiTqjN6gF4WHfkFPCu4BtDspMejb1fUOyVQYqT7m62uEFl5DmX4Krs5LbxQmYprQ6DmzMAsLfdHpEW5CBe0saN6tqaTGzrhsdiOGPY01rjrqOrLjnLNeyujKG6T3flwck4PlpVltbt84Lq6Fjl4mtI0Ljux8VFl094rKPMgRjrARoKeyLe0TX6AY81SG25Ul8BwoWxEBDZ9Xh42P_UT0DrXh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		190 KB
191 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b6a60b3665380654749d0d620b22d301d4a4d8ad740a41b3973e87f4b4020b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:16:58 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
56801
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
194956
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"6f9403d7a4edb76eaef1625b3ba11120"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Rcn7wgPeh18lCJzNCg_T82ZIGex_xmkyw5MMX5gyIbncBjt-sDqjug==
expires
Fri, 10 Nov 2023 06:16:58 GMT
aclk
www.googleadservices.com/pagead/ Frame 5ECD
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CvF7jrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHij...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECW...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAHABW6gBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&client=ca-video-pub-1320774679920841&ctype=110&label=video_10s_engaged_view&ad_mt=10225&nis=5&dblrd=1&sig=AOD64_30vVGKpi7dmm4ZeVDRRl-1GofRzQ&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAHABW6gBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&client=ca-video-pub-1320774679920841&ctype=110&label=video_10s_engaged_view&ad_mt=10225&nis=5&dblrd=1&sig=AOD64_30vVGKpi7dmm4ZeVDRRl-1GofRzQ&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime50&ad_mt=10225&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D958%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D7726,0,0,0,0%26mtos%3D7726,7726,7726,7726,77...
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D958%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D7726,0,0,0,0%26mtos%3D7726,7726,7726,7726,7726%26amtos%3D0,0,0,0,0%26mcvt%3D7726%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9763%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3417%26pst%3D2037%26dur%3D20015%26vmtime%3D10225%26dtos%3D4592%26dtoss%3D3%26dvs%3D4592%26dfvs%3D4592%26dvpt%3D4592%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D4592,4592,4592,4592,4592%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147481858%26psv%3D1790%26psfv%3D1790%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444221087%26pngs%3D9s,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7726,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1698444208182?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
www.youtube.com/api/stats/ Frame 5ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.225&rtn=20.000&ns=yt&fexp=44772139%2C44777649%2C44781409%2C44802463%2C44806075&el=adunit&cpn=rynfzjBT0iMi9O1-&docid=6DujLddsxag&visitordata=CgtuNC04LXFmVmlNaw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=10.225&fmt=18&rt=8.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.dailyfaceoff.com%2F&len=20.016&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=118.0.5993.117&cos=Win32&cosver=537.36&cplatform=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODA3JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMwIjNwYzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD05NDAkMwx1NDx=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:41 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
xQ8c6qX-se8i-lcT2sN4EdrSGQImr04YTzKxqTMcjKcrlRY4gni8yQ==
liveView.php
live.primis.tech/live/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODA4JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMwIkMDEzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0lMDE3MDE0Mwt0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:41 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
8_t4CWF9XY9S-h5yWiEWsbK_5lVFCx3PASxZZOjr2I66P7-_6Az6MA==
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		192 KB
192 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e77a464af87629a27feea4fd850774095aa96475f6fc7d2b7a9412f1f98cf459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:17:05 GMT
via
1.1 c1a6a510f3f008881a299e0b31f8558c.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, LHR50-P3
age
56796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
196272
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"6fcd7bd7bb20d998461eba963362d4f6"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
996tiUeCcvrZoV-fO_udmUjcQRG8lM5VRS_R-Y90D8gDK7b5aq7wiw==
expires
Fri, 10 Nov 2023 06:17:05 GMT
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		192 KB
193 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f314fd73c799e8d26e1831a85d38db69d40ee984d7b26233bf89a66f933bcd5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:17:06 GMT
via
1.1 b291286a8ed764ccc4372393caf68cc0.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, LHR50-P3
age
56800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
197024
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"1017c6872986d434db49f40177b89dd5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
aoluM_rMo2uVaWsuVZlbj-V_2Hfl6Bqk-rEmDO2FlsPpXAN62uAqWg==
expires
Fri, 10 Nov 2023 06:17:06 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime75&ad_mt=15620&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D958%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D13128,0,0,0,0%26mtos%3D13128,13128,13128...
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D958%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26tos%3D13128,0,0,0,0%26mtos%3D13128,13128,13128,13128,13128%26amtos%3D0,0,0,0,0%26mcvt%3D13128%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15165%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4430%26pst%3D2037%26dur%3D20015%26vmtime%3D15619%26dtos%3D5402%26dtoss%3D4%26dvs%3D5402%26dfvs%3D5402%26dvpt%3D5402%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D5402,5402,5402,5402,5402%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D21,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2147418370%26psv%3D65278%26psfv%3D65278%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444226489%26pngs%3D9s,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,13128,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1698444208182?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
delayplay
www.youtube.com/api/stats/ Frame 5ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/delayplay?ns=yt&fexp=44772139%2C44777649%2C44781409%2C44802463%2C44806075&el=adunit&cpn=rynfzjBT0iMi9O1-&docid=6DujLddsxag&visitordata=CgtuNC04LXFmVmlNaw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=18.148&fmt=18&rt=16.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.dailyfaceoff.com%2F&len=20.016&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=118.0.5993.117&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		189 KB
190 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cd00f32aac73cc85d1c849f8c97e7baa0ffe1716815f1bd74f05ced736bae193

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:17:05 GMT
via
1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P1, LHR50-P3
age
56803
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
194016
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"a477cfabdd699fad1163ff61b9b57011"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
N_JrRbANfGKOF8dtsUhPHqr6fxsbtwgu1h1kA94GWBaGIADG28ldlw==
expires
Fri, 10 Nov 2023 06:17:05 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODA1JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMmAkMTIzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD01MwA4OTQ0NmY=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:49 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
KDYiIYEc1pjBZkEmN2rIaRglbcXQrM5uE9kOdRnV5n_Ry4z4c33oJQ==
liveView.php
live.primis.tech/live/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODAkJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMmAkMTMzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0lMDUjODx4NDQ0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:49 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
CJLnzxXHywwJnNV26JqKKPorjyd3YyVq00vEvxu9myIIDsCcnwoa1g==
w_480_00005.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/ 		231 KB
232 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid653b1ae33ca6b558133018.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d3:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0f120e2007bcaafbbd76bfc0898747be2d8630e31cdf9a494b9a54de1355b9f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:17:15 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront), 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LHR50-P3
age
56796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
236504
last-modified
Fri, 27 Oct 2023 04:25:00 GMT
server
nginx
etag
"4f13ade41eb8ff91c5313de59a9d2e40"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ybO9eKN3xuGpSUAwYtq5Z-VQNzzh_YHJg80oxeaIOh0n7LFBsUBEZw==
expires
Fri, 10 Nov 2023 06:17:15 GMT
watchtime
www.youtube.com/api/stats/ Frame 5ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/watchtime?rti=20&st=10.225&et=20.016&final=1&ns=yt&fexp=44772139%2C44777649%2C44781409%2C44802463%2C44806075&el=adunit&cpn=rynfzjBT0iMi9O1-&docid=6DujLddsxag&visitordata=CgtuNC04LXFmVmlNaw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=20.016&fmt=18&rt=19.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.dailyfaceoff.com%2F&len=20.016&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=118.0.5993.117&cos=Win32&cosver=537.36&cplatform=desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5ECD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5vYBrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBNwCT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsXF8uP7zje5pBo7849i6-K8e7ogXxjf7We6_7uUCA5Yx9j9lUM2THyu271PekvpzGlBTaZ7dLP5_exLlwAT33bCyygTgBAGIBd_MtPdMoAZUgAejs8WMBKgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTMzMjIwNDE5MTc3Nzc5OTaACgPICwHaDBAKChCwnbKLta7cwDMSAgEDqg0CREXiDRMI7OO23Z2XggMVaIuDBx3kfAQXsBPS0I4V2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=tTTUkrSgqAo&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=videoplaytime100&ad_mt=20016&sdkv=h.3.599.0&vci=CpgBCAESHnNlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDgwNDY3NTIwNTIyDDY3NzMxNDQ4NzY5NEDEAlImEA8lAACgQSgBOgs2RHVqTGRkc3hhZ0IJZ29vZ2xlYWRzSLoYUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=13;acvw=sv%3D958%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26p0%3D581,-2600,950,-1944%26p1%3D581,400,950,1056%2...
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=13;acvw=sv%3D958%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D581,400,950,1056%26p0%3D581,-2600,950,-1944%26p1%3D581,400,950,1056%26p2%3D581,400,950,1056%26p3%3D581,400,950,1056%26tos%3D18212,0,0,0,0%26mtos%3D18212,18212,18212,18212,18212%26amtos%3D0,0,0,0,0%26mtos1%3D3134,0,0%26mtos2%3D4592,0,0%26mtos3%3D5402,0,0%26mcvt%3D18212%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D20249%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D5303%26pst%3D2037%26dur%3D20015%26vmtime%3D20015%26dtos%3D5084%26dtoss%3D5%26dvs%3D5084%26dfvs%3D5084%26dvpt%3D5084%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50336531%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D5084,5084,5084,5084,5084%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1122%26femvt%3D0%26emc%3D35%26emuc%3D0%26emb%3D29,0,0,0,0%26avms%3Dexc%26qi%3D61777526%26psm%3D-2145386754%26psv%3D2096894%26psfv%3D2096894%26psa%3D0%26pnk%3D1698444206785%26ptlt%3D1698444231573%26pngs%3D9s,14,15s%26veid%3Dsloi%3A1,ovms%3A1,xdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,18212,0%26ss0%3D0%26ss1%3D0,0.12,0.12%26ss2%3D0.12%26ss3%3D0.12;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.12%26t%3D1698444208182?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aclk
www.googleadservices.com/pagead/ Frame 5ECD
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CvF7jrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHij...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECW...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAHABW6gBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&client=ca-video-pub-1320774679920841&ctype=110&label=video_engaged_view&dblrd=1&sig=AOD64_30vVGKpi7dmm4ZeVDRRl-1GofRzQ&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=Ci42MrzM8ZeTpM-iWjuwP5PmRuAGfxYHuc7TCpJPZEbCQHxABIMCoympgleKQgqAHoAGj-_SsKcgBBakCOm0nL2q7sT7gAgCoAwGYBACqBN8CT9DD4oHowVN-n25vBvggoo9q0vOEcDRUECWIHijGiFyuTXWtZikkXG_WkjI2yxGefOAFWAIQyBym1CSEol8YLrQy-1sbyWk02QfVCU826RPrNqDxT6z05D5ZG_oMVHpK5KlmMtOvxdoE1iD7Jc1xXOQAgwx-_Ed-cswU60fItGOxIi5VFJAxHAJhRzQmiubSmCU_N99bbtw_yddzYGRQZsQvQiwQ5uRTjCwDXvRG0ZraoKTuLAaIKRgUcOFYspZsjm9lFDuXiT1mlijV-4T-oqJV6xve-WfpCAD-TqmAT1P_7kNN-s4RaZav3HsaMA87EDFYG7R4hliQQilKszF_36aG6j7Tuyn8AJSJrlq1GaIcWW-QpvfsihWe5o-YIsOIsSl9GuL7t3hblF8KY6RdeMK0drm6XnMuzc9pUtAmCTU73yen202ispFFwn3GJQ7_O4bl_7DxNC28424Cpn1lwAT33bCyygTgBAGIBd_MtPdMkgUICAMQAhgBUAHABW6gBlSAB6OzxYwEqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzMyMjA0MTkxNzc3Nzk5NpoJQmh0dHBzOi8vd3d3LmF1ZGlibGUuZGUvY2F0L0tyaW1pcy1UaHJpbGxlci1Ib2VyYnVlY2hlci8xNjIwOTkxMDAzMbEJWpn5y51i6uaACgPICwHQCw_gCwHaDBAKChCwnbKLta7cwDMSAgEDmg0BD6oNAkRFyA0B4g0TCOzjtt2dl4IDFWiLgwcd5HwEF7AT0tCOFdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&ase=2&gclid=EAIaIQobChMIpP233Z2XggMVaIuDBx3kfAQXEAEYASAAEgKmA_D_BwE&num=1&cid=CAQSOwDICaaNfoRUiwQZvmBqobFb2SR8NlSau9ToXz3PD2F8c2KxpmMZoyk_Oq8cjzg-ORee26kIqC30XyzGGAE&client=ca-video-pub-1320774679920841&ctype=110&label=video_engaged_view&dblrd=1&sig=AOD64_30vVGKpi7dmm4ZeVDRRl-1GofRzQ&adurl=https://ad.doubleclick.net/ddm/trackclk/N1884730.279382DBMGROUPM-XAXISLI/B30829935.378629896%3Bdc_trk_aid%3D569609914%3Bdc_trk_cid%3D202625982%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=200034;
ade.googlesyndication.com/ddm/activity_ext/ Frame 5ECD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=1110824260793765247;met=1;ecn1=1;etm1=0;eid1=200034;?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
shb.richaudience.com/hb/ Frame 3EF7 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Oct 2023 22:03:52 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 3EF7 		37 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%222149651c768dbe7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A2%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%2C%22adunitcode%22%3A%22adUnit_17%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22222af693dbd5abe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%2248bf9db3-9942-49fe-a7ac-7f5f0142644c%22%2C%22sid%22%3A%22656x369%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B656%2C369%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A656%2C%22h%22%3A369%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2223ca2bbd5370067%22%2C%22ext%22%3A%7B%22siteID%22%3A%221014833%22%2C%22tid%22%3A%2268f21bd4-899d-4811-8e12-87fe22315395%22%2C%22sid%22%3A%22656x369%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B656%2C369%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A656%2C%22h%22%3A369%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2231368%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22114a0e8a-47ec-4838-98cd-d83c33a69030%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cf6bfd47e958bde8fb8a21df87654c4238f813ee91d16aed75a81cd924a8e1

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFfzh%2F%2BvuhrbPOBEb58dfeR2axWqRlBJOVEnbhtpDYIkOJ4vVIo0bWdOJypocqk6DAdHHYCEYSZz5w5gjUBNtiKTp2PWqHFubm2pao%2BjnC8n43Du%2FSbhD0thhb00jyW8srY1WWR%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ce3b439cc9904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
liveInternalSsp.php
rtb.primis.tech/live/ Frame 3EF7 		25 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgWVgT4mbS%2FwVUmXzIl5s4xxphz1y2tEMNj%2BGRxzUy0rBIPcJMtF8%2FoVz2ZGOYtWVd2VNUcZkEsXF3d%2FiegelXHhlF4S0RpN2L9gis14EXN%2F%2FDQ7uhKThtRUi226W8sawbJoQCmGhzBwlKdcKpENYhBe5Z3eX%2Fj%2B7%2FkgATsl89Mvl0UGY5vRPDRhu6Y24QJYg2UVYIx2NwGymwmI%2FT3z5N%2FXZsErfZxydFJg%2FStiDmEav2uCaLF7VxWiVvYGfAikDOgOENDjLmG6rCudWISsMPus6dMTzNQYW5lZejme7GfzYJyqUGuZ8J7%2FUs%2FniaL8tgkUT1kcuyqnrORuTNLG8U13n2hlL4TwbovTrComW7JaPZU64bK4C3J4H%2BPl11N6K2Rc3ltcQ9w6P1LlIx5Wns4Re4HhmgUBnkrbWjdbVw3bwaEPSsbqorIo0Gc%2FoXfEx96ZQ%2F0LJEr%2BEloh7ys%2Bbq8f%2B%2BjUWoEEFr%2BxBI5h3Ph2T%2BB3mgV1VJexw%2BuYK%2BZRlyXtQ55a%2F68h9icls6ua5Jo8AM%2FmPBN7jROTSBXAZB5iyriFuEXuDAsibXnIUEqsQYx0gxwY19L%2FDaxLIqmYyV5vXujcYnddecEADBlsN%2BzUejZyB1jHuQf6J0l2KwVCX1mlV8qehqVlBn3fOGEL5nrZuiNpXr6xJkQS7FkG4D8VmQW4Tim3yJ8s20csIpqYAkIxEWx5JXU1yAV7CswkqiJ%2FQbZZLVOw1Ojc5ZxBURogd9LBbVWgigrJabhdwMXQO7pMvZqDPZ2pbepb6x%2FNkLjqXWEpnVCY%2FkhVy4UyaBg4wnYEkonau3JJqUWSpoZxyhzbIn8EzCbXlHDuF%2BjWhBesDkhoWYVlOT69eJvvSOpBQuaCqZZwE7Lmz%2BORCIFR0pkU13%2BY5EQRHDcLMbNd2C3KyLQIqwy133Imz0vkokTN4mPPAImBzLOQon2COLhfZkhK3o%2FEeKozjD0Y0MPzBw29GzDKedHNPC42L9v%2BYEjRm5JEOmrUejoJ5F2WlR4WJWZDdOlpKPaeC4N6UL2yZArr6XJq%2BRYVfiSF6iw9zKvl1Sx9XUZEdHLEEQJWyzldTOSlb3mU6YLtcEQ5N4Y5Pk0oQROM0CNtrjhpgFE2fGsWEpFlQBp7gICedy0yME65aBzGxDZljkyI2BSlpfBvoWefPLe9YbgK0QXoPOBz1AfctiqFS6BSUQiaF7e5FnCiL3Ine2bvNjMj6XpE06GfQdOwKnEw2guPhFXtlvNJdaic0wKxFlWckJWR2mtgjNqf2R7IM6yv8I6gC8TSm5VrVH%2FnLRJNd1dU4DcAhC1IwUR0%2FyVj35fZmwnmiQgr66cAgAvxFuQGOkfMtUEQlVB%2FU9EZqTXYVAXNlrCXGSO6ejkzPETahbnHHCwFWLrQcqVlMOawI7R5IfS87NuidrGq5GuV8ubZvm621OzIS6iqvtDwDoRNrZ3fUfs9Iw3oIIbF1snZ1VgFuNGEXyxtO2HDOcBEEn36L9FSby3Pm%2FctB%2FMb4oMg46JBiLmE%2FrdBlNcyE5czG0AIR9qTzO5q9NORc3s2M5etQuhj0u5nD1DffklJKxS%2FFsK0sTWa5SwxE0s7brQYzq1k84plszKMwtxwboXhshsv6CUM%2Fme6uy8%2Bt6LzXw0EpcZkB7%2FUD035qld%2ByRKpqJ7NhJ8%2BWyPJR%2FP6XphifoS1aUOpWpVYJ%2FJ1t9U89uzdRzf9%2B0ircDcGs6d513ENYHUx5Q4VDAGZDqOoYuRbiQtrpRGfBTi580PotXsvDXTfBC58oNWQVmt9nWyPM8KrWOClg8felMzcab7D%2BiHQ5MoX8MB08uSukFYO1oIEde6RGvJH68fL3x5YtlyH8%2FvNK6%2B4Ebe0CUGM6G%2FnsaCm9O4FmjGUTRCsh%2FQuRm5i4SRFGv%2FvpAvwFvCyC0CtMb8%2BSgAEVeztCULLMZ8BcAprXsEnBbq38wbIAlqippwfTmOTjTiP2Di02552GEfKLv4NrT1Tk40IwwBomSSboksxxyq75%2BVPK4xwi5duM97NNBHmxs7k80o3wfUsP0xNHchM8BAeZEoXwaQHlQ9LLeneBql%2FOic%2FcgUahA2ekJhHoP56%2FqBGobyd4RiJE5QWkqh68w2are%2FWfKz8%2FWtVx48AF6eQJXJmwwzQ1183%2Bza8F0aH8Avv733A%3D%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:52 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
zZ5HcpIMbotsayd_xR70QH2GMQSJAd3kdqArd65R6zFoWRb_LIM_rg==
translator
hbopenbid.pubmatic.com/ Frame 3EF7 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 3EF7 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Fri, 27 Oct 2023 22:03:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 3EF7 		184 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a32e726771fae845099a4e20226724d9a5f691ba6a9d53b72f9f81b7990a7b8c

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 3EF7 		145 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8fa2304416c7666ddd843d6c090170df851181a43cf8244572288a027f9fd0bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:52 GMT
an-x-request-uuid
56e066c3-46d3-43b7-896c-c3f36f04b3fa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3EF7 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=raZFHmvMiGgbJ&cb=1&ws=1x1&v=23.1020.1619&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A80%2C%22id%22%3A%22Amazon_Video_400x225_Mob%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:52 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
50XFBTZRT98JZ3HN4DXQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
r86hc99Iywh1WiN3wllLduprRaZxG6UnB7rFdTkJsPrmeCssXSfJew==
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTEzp2VlqzVlVGygZT0kNwx4NDQ0MwA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD02NTYzrT0mNwxzoXN0YT0kNmI1NTU0MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT1zqXRvo2kmnXRyplZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTNuMDAyM0EkMDElJTNBZDVyMCUmQWElMGYyM0E2NmUmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkOC4jLwU5OTMhMTE3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTNwMmNuY2I2ODt3JaJ2ow0lMwEjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaNmpF9uZG9gPSZjoGFwZW1yoaRTqHJyYW1UrXByPTEznXNDqXJlZW50oHyWnWV3YWJfZT0kJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMmIlMDtzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0kMTYkNwxmMDA3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:51 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
jAOdiUC3DHrf2Ts93w2Sf4FiQ8OXA_1cvVPkFKPp85uXyWxXk_pWdA==
liveView.php
live.primis.tech/live/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwx4NDQ0MwA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNTx2OTYzrD02NTYzrT0mNwxzoXN0YT0kNmI1NTU0MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZlqz49JHgWUF9SVx5sTUFDUx99JzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwx4NDQ0MwMlMwM0JaVcZD1TZWgcozRiU1BfYXyypwY1M2MmM2FwZDYmMGQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9NmIlNmQ5OTU3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:52 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-id
V0gUGlGi_E2317sxb-d6yuGSv4AQlqYo0OfJVV7svp0oHKM-N_ppIA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwx4NDQ0MwA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNTx2ODpzrD02NTYzrT0mNwxzoXN0YT0kNmI1NTU0MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0lMDAkJTNBYWM4JTNBMwAyM0EmYTAjJTNBMTAkMvUmQWQ1ZTAyM0FuMwBzJTNBNwp1MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwEkNlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUmYmMmYWNvNwt4NlZlqz49JHgWUF9SVx5sTUFDUx99JzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwx4NDQ0MwMlMwM1JaVcZD1TZWgcozRiU1BfYXyypwY1M2MmM2FwZDYmMGQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9MTp4MTI4NmQlOQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:51 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-id
T6fFh0W5BOpGKBZKp72YVoC5TpBg6CAiOfdjZSZFw_41sgyMT5cYGA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.56.86 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy01.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 Oct 2023 22:03:52 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
ads
securepubads.g.doubleclick.net/gampad/ Frame 5ECD 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F63317524%2Fdfo%2Fhome%2Fvideo&description_url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&env=vp&correlator=1451143164716612&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=670x338&unviewed_position_start=1&ad_rule=0&cust_params=player%3Dprimis%26tagID%3D%26postID%3D%26prmsig%3Dwdvsfe&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4099075284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&sid=67FBD55A-AE9C-4E55-B9FC-550D0D930F7D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44806075&ref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dlt=1698444204693&idt=2425&dt=1698444232546&cookie=ID%3D308d2f0f8c1e4dbc%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MYu3bQ2peP66yA41sAPxUM9Lh0Dug&gpic=UID%3D00000caa4952bf1e%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MaODL0aDXhX8rpDJAd_zD98WePjbQ&scor=4293618667669344&ged=ve4_td28_tt26_pd28_la28000_er581.-2600.950.-1944_vi0.0.1200.1600_vp0_ts25_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5ECD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lo95tugs&c=727901353091&slotId=363950676545.5&qqid=CKT9t92dl4IDFWiLgwcd5HwEFw&gqid=rzM8Zbz0MdSRjuwPnPCbOA&fb=ima_html5-lima&sdkv=h.3.599.0&mrd=4&aab=0&itv=1&faa=1&met.4=ff.lo95tx6b~vss_pp.4ft~vss_dp.hc8~evoace.lo95ucgl&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5ECD 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22671245338%2Ffutbolsites&description_url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&env=vp&correlator=1451143164716612&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Dwdvsfe&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4099075284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&sid=67FBD55A-AE9C-4E55-B9FC-550D0D930F7D&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44806075&ref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dlt=1698444204693&idt=2425&dt=1698444232742&cookie=ID%3D308d2f0f8c1e4dbc%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MYu3bQ2peP66yA41sAPxUM9Lh0Dug&gpic=UID%3D00000caa4952bf1e%3AT%3D1698444206%3ART%3D1698444206%3AS%3DALNI_MaODL0aDXhX8rpDJAd_zD98WePjbQ&scor=4293618667669344&ged=ve4_td28_tt26_pd28_la28000_er581.-2600.950.-1944_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTE2JaNypaZypyRcoWU9MTY5ODQ0NDIjNCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MCZmqGE9MTplNTU1NDAzrD02NTYzrT0mNwxzqzyxX3Bup3NEo21unW49q3q3LzRunWk5ZzFwZW9zZv5wo20zp3VvSWQ9q3q3LzRunWk5ZzFwZW9zZv5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTNuMDAyM0EkMDElJTNBZDVyMCUmQWElMGYyM0E2NmUmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkOC4jLwU5OTMhMTE3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTNwMmNuY2I2ODt3JzNioaRyoaRGnWkySWQ9Mmp4MTt5MlZgZWRcYVBfYXyMnXN0SWQ9MTQkMDYzoWVxnWFMnXN0SWQ9MmU3MwYzY29hqGVhqE1uqGNbVHyjZT0znXNFrGNfqWRyRaJioU9jqD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTt0NDQlMmMjNDMzqWyxPVNyn2yhZG9TUGkurWVlNwUmYmMmYWNxNwMjZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD00MTA1Mwt1NmI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 22:03:52 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
UV72R1oo5IfCzC0yhX-GZkWId9a0fnJYqXtYImP7z--UeSAPRku8xQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| documentPictureInPicture object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __cfBeacon object| dataLayer object| googletag object| tude object| google_tag_manager object| google_tag_data object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _comscore function| e function| t object| marfeel object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent664 object| tudeChunk object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| a0_0xe970 function| a0_0x429f function| a0_0x5df6a2 function| a0_0x56a426 string| optmn_playmaker_publisherName string| optmn_playmaker_timezone object| optmn_playmaker_networkIds object| optmn_playmaker_allowed_domains string| optmn_playmaker_domains_json object| optmn_playmaker_domains string| optmn_playmaker_smst number| optmn_playmaker_smpr string| optmn_playmaker_coladv string| optmn_playmaker_floors_active string| optmn_playmaker_debug boolean| optmn_playmaker_probability_result object| a0_0xad66b object| optmn_playmaker_auctionResults object| optmn_playmaker_allAuctions object| optmn_playmaker_adunitsMatcher undefined| optmn_playmaker_sendTimeout object| optmn_playmaker_adunitsTracker boolean| optmn_playmaker_auctionSent object| optmn_playmaker_xhttp object| optmn_playmaker_floors_data undefined| optmn_playmaker_floors_prebidObject object| optmn_playmaker_floors_adunitsMatcher object| optmn_playmaker_floors_values boolean| optmn_playmaker_floors_collect_bids object| optmn_playmaker_floors_collected_bids object| optmn_playmaker_floors_config object| optmn_playmaker_floors_allowed_adunits object| optmn_playmaker_floors_disallowed_adunits function| optmn_playmaker_floors_log function| optmn_playmaker_floors_now function| optmn_playmaker_floors_trackInstance function| optmn_playmaker_floors_createAdunitsMatcher function| optmn_playmaker_floors_auctionHandler function| optmn_playmaker_floors_save function| vadopt_floors_get function| optmn_playmaker_floors_set function| optmn_playmaker_floors_set_initial function| optmn_playmaker_floors_set_initial_floors function| optmn_playmaker_floors_init function| optmn_playmaker_probability function| optmn_playmaker_log function| optmn_playmaker_debug_cookie function| optmn_playmaker_fileGetContents function| optmn_playmaker_getDeviceType function| optmn_playmaker_getDomain function| optmn_playmaker_createAdunitsMatcher function| optmn_playmaker_createAdunitsMatcherFromPrebid function| optmn_playmaker_createAdunitsMatcherFromPrebidInstance function| optmn_playmaker_getUserData function| optmn_playmaker_timeoutHandler function| optmn_playmaker_winHandler function| optmn_playmaker_auctionHandler function| optmn_playmaker_getAdunitName function| optmn_playmaker_attachAdunits function| optmn_playmaker_sendResults function| optmn_playmaker_trackInstance function| enableAdPushUpTracking function| optmn_playmaker_init function| _typeof function| isString function| isBlob function| polyfill function| sendBeacon object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass boolean| pbjsLibraryLoaded object| ggeac object| google_js_reporting_queue object| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| _aps object| apstag object| COMSCORE object| ns_p object| Criteo boolean| sekindoFlowingPlayerOn undefined| google_measure_js_timing boolean| apstagLOADED object| apscustom object| lotame_sync_16576 number| google_unique_id object| sas object| apntag object| _ADAGIO object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| GoogleGcLKhOms object| PublisherCommonId number| google_global_correlator object| closure_lm_134456 number| lnt_z object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_image_requests

115 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARCtFgoJCP____8HELcW
i6.liadm.com/s Name: _li_ss
Value: CgA
.script.ac/ Name: __cf_bm
Value: NMEIgr69BK7_Nx65hlPzEW.3o89wswL_pert2jCsAtI-1698444204-0-AepyCUStxuS4bXXsHrQyQsLauvAC53qCMjNouJKQmXuB0RG5oZqmBY54269JUrgyeCT+jotW1GCqlXHejMe0zkc=
.dailyfaceoff.com/ Name: _gid
Value: GA1.2.358730730.1698444205
.dailyfaceoff.com/ Name: _dc_gtm_UA-2397777-11
Value: 1
.dailyfaceoff.com/ Name: _ga
Value: GA1.1.137208439.1698444205
.dailyfaceoff.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1698444204%2C%22currentVisitStarted%22%3A1698444204%2C%22sessionId%22%3A%22c0cf6d77-912f-4635-b260-e637e6482b15%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.dailyfaceoff.com/%22%2C%22referrer%22%3A%22%22%7D
.dailyfaceoff.com/ Name: compass_uid
Value: f0e51c08-a3d0-4449-913d-0b75bb5832ba
events.newsroom.bi/ Name: 294_u
Value: f0e51c08-a3d0-4449-913d-0b75bb5832ba
events.newsroom.bi/ Name: 294_s
Value: c0cf6d77-912f-4635-b260-e637e6482b15
events.newsroom.bi/ Name: 294_lv
Value: null
events.newsroom.bi/ Name: 294_ut
Value: 0
.dailyfaceoff.com/ Name: _fbp
Value: fb.1.1698444205314.1437328195
.kargo.com/ Name: ktcid
Value: 3a7c5003-3815-07e5-1c89-4a5a8dd4b5fc
.rubiconproject.com/ Name: khaos
Value: LO95TS8J-P-E1WM
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjLFEjylGM+5iAkF7RiBdb4AgvEG2sPPZosxPxU5qr+6Gl2n+bG/mhxAyatN2YgQI4eVDFz0mB5ODOAeVvN3U5AWWUd+velUmvXt0g4ihdWDSKPLRELhl3xG7JtXJVTTK0=
.adnxs.com/ Name: uuid2
Value: 8287462243405912418
www.dailyfaceoff.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.prebid.a-mo.net/ Name: __amc
Value: 2_1698444205_1698444205
.dailyfaceoff.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1698444204%2C%22userId%22%3A%22f0e51c08-a3d0-4449-913d-0b75bb5832ba%22%2C%22userVars%22%3A%5B%5B%22mrfExperiment_fiveGroupsExperiment%22%2C%225%22%5D%5D%2C%22futurePreviousVisit%22%3A1698444204%2C%22timesVisited%22%3A1%7D
.dailyfaceoff.com/ Name: __gads
Value: ID=308d2f0f8c1e4dbc:T=1698444206:RT=1698444206:S=ALNI_MYu3bQ2peP66yA41sAPxUM9Lh0Dug
.dailyfaceoff.com/ Name: __gpi
Value: UID=00000caa4952bf1e:T=1698444206:RT=1698444206:S=ALNI_MaODL0aDXhX8rpDJAd_zD98WePjbQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkoPHaTsKm-sYCELRwoiGsckveTq_3B6LHAgxVacCBPqXMYI2d5tJl2Q1BDLa4
.dailyfaceoff.com/ Name: _ga_WYFDLPLCRR
Value: GS1.1.1698444204.1.0.1698444206.58.0.0
www.dailyfaceoff.com/ Name: _lr_retry_request
Value: true
www.dailyfaceoff.com/ Name: _lr_env_src_ats
Value: false
www.dailyfaceoff.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-27T22%3A03%3A27%22%7D
www.dailyfaceoff.com/ Name: pbjs-unifiedid_last
Value: Fri%2C%2027%20Oct%202023%2022%3A03%3A27%20GMT
.casalemedia.com/ Name: CMID
Value: ZTwzr3PgpIElCasoWgOXSQAA
.casalemedia.com/ Name: CMPS
Value: 3343
.casalemedia.com/ Name: CMPRO
Value: 3343
.csync.loopme.me/ Name: viewer_token
Value: 9a1b8b12-ce9b-4c62-b5ba-1919f51b1ddc
.creativecdn.com/ Name: u
Value: rnt1kAa0n2eG09etZIkK
.creativecdn.com/ Name: ts
Value: 1698444207
.criteo.com/ Name: uid
Value: a8dff7f8-8e8e-45e6-b2c6-013f48aa8081
.dailyfaceoff.com/ Name: cto_bundle
Value: cCe1yF9yYlNzck5RbHdlRkgxSWdLdGc2bHpoSk9KSDFUQUpYVHV5JTJCbUpOZmlTVyUyQk4zWWszekF1TVk5dkxUdCUyRjVHd3ZqdWdvYlBTcURNV3UlMkJyQVZCdDBuU2FpcXFlN1B2YlREZ3N5Q2tnaiUyRnZDN01uWGZ1dDk4JTJCWWpkTDdEbjc0Sm9Rc3hzNVY4RWx2Uk0lMkZGbXRPR1gwSzk5UmRjRWk3UWRhTWI1TVRDUm93Rk9NVSUzRA
.demdex.net/ Name: demdex
Value: 77366746005055913402012238553828724313
.dpm.demdex.net/ Name: dpm
Value: 77366746005055913402012238553828724313
.liadm.com/ Name: lidid
Value: b63a2fc8-bd90-4a64-816f-4163a2633169
.amazon-adsystem.com/ Name: ad-id
Value: A9lPPwrAZ0Xhhfq1K3vfrzo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B25261B6-EDE2-464E-8639-81237415D144
.bidswitch.net/ Name: tuuid
Value: e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec
.bidswitch.net/ Name: c
Value: 1698444209
.bidswitch.net/ Name: tuuid_lu
Value: 1698444209
.adfarm1.adition.com/ Name: UserID1
Value: 7294762331752626332
.quantserve.com/ Name: d
Value: EM4BCwGkKvijAA
.quantserve.com/ Name: mc
Value: 653c33b1-c7b35-918f3-200d3
.simpli.fi/ Name: suid
Value: 4FC39DCB3D064A649B7E8557A4C3A953
.weborama.fr/ Name: AFFICHE_W
Value: 9KkfItGP2Hv026
.turn.com/ Name: uid
Value: 4294739934230002354
.de17a.com/ Name: guid
Value: 1.4935152712030784535
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7294762331752626332&KRTB&23369-7294762331752626332
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8287462243405912418&KRTB&23339-8287462243405912418
.audrte.com/ Name: arcki2
Value: i02bWESzDfqS6-UcxTwmu1L0g!20220908!1698444209875!ip#45.141.152.77
.audrte.com/ Name: arcki2_pubmatic
Value: B25261B6-EDE2-464E-8639-81237415D144!20220908!1698444209875
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTwzsQAACwH_FAAg
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQyNDE3MTE1MRDiM9T1DXIJC04sz891c80BAPS29SQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQyNDE3MTE1MRDiM9T1DXIJC04sz891c80BAPS29SQlAAAA
.nrich.ai/ Name: _nauid
Value: c8c7873d-751d-41d7-8ec2-a3e6b8637830
.adsby.bidtheatre.com/ Name: __kuid
Value: 5eab5d25-134c-4cbf-9beb-a7c140b66514.467658209
.bidr.io/ Name: bito
Value: AAD9pU7KeGcAABduh9ukXg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4935152712030784535
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW&KRTB&19420-KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW&KRTB&22979-KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW&KRTB&23403-KDgkNS0-dWczbiA0LTg6by81cWUzPydmej4FAfWW
.adx.opera.com/ Name: UID
Value: OPU17cce391a7f648d1ba482c07500c3f38
.onaudience.com/ Name: cookie
Value: 0a55622d38d4c33c
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5124322329214744540
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e7d5aa3a-5c9c-42a5-ae2f-cbc92edeebec
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU17cce391a7f648d1ba482c07500c3f38&KRTB&23485-OPU17cce391a7f648d1ba482c07500c3f38&KRTB&23524-OPU17cce391a7f648d1ba482c07500c3f38
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JagVVUXXQYSQWjYYj
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6dcf07c5-1057-5e93-51fb-358faf99561d.mo4paleuGUAuW5WcJka2zzApRf7QEs0BOibuV%2Fprz4s
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6dcf07c5-1057-5e93-51fb-358faf99561d.mo4paleuGUAuW5WcJka2zzApRf7QEs0BOibuV%2Fprz4s
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abc8HxRBXXpNR-zWPr5lWHS2NmE0.yr%2FatuqVBBrFOApiw2eOdVKb7ACS6H87RXuqyEbrlQs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abc8HxRBXXpNR-zWPr5lWHS2NmE0.yr%2FatuqVBBrFOApiw2eOdVKb7ACS6H87RXuqyEbrlQs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIImsOb4bFmzUKCSWRqVCJaMj4554HAkFmS4YKSJTQAGAEHwYBCCy5_CpBjABOgSSgrqOQgQZ9RFl.EIlfca5UVur%2BZmwsq3XhlHN9w%2BrPLk%2BjpYvHUtwmE3s
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIImsOb4bFmzUKCSWRqVCJaMj4554HAkFmS4YKSJTQAGAEHwYBCCy5_CpBjABOgSSgrqOQgQZ9RFl.EIlfca5UVur%2BZmwsq3XhlHN9w%2BrPLk%2BjpYvHUtwmE3s
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6d38ca384a5b7df6
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-bc8HxRBXXpNR-zWPr5lWHS2NmE0&KRTB&23334-bc8HxRBXXpNR-zWPr5lWHS2NmE0&KRTB&23417-bc8HxRBXXpNR-zWPr5lWHS2NmE0&KRTB&23426-bc8HxRBXXpNR-zWPr5lWHS2NmE0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4294739934230002354&KRTB&23150-4294739934230002354&KRTB&23527-4294739934230002354
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEI5y3aCKxvcXpCVUddbRxSo&KRTB&23025-CAESEI5y3aCKxvcXpCVUddbRxSo&KRTB&23386-CAESEI5y3aCKxvcXpCVUddbRxSo
.adform.net/ Name: uid
Value: 8955987516037424013
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8955987516037424013&KRTB&23263-8955987516037424013&KRTB&23481-8955987516037424013
.audrte.com/ Name: arcki2_ddp2
Value: i02bWESzDfqS6-UcxTwmu1L0g!20220908!1698444210279
.smartadserver.com/ Name: pid
Value: 2241806176921324299
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAD9pU7KeGcAABduh9ukXg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAD9pU7KeGcAABduh9ukXg
.audrte.com/ Name: arcki2_adform
Value: 8955987516037424013!20220908!1698444210834
.yahoo.com/ Name: A3
Value: d=AQABBLMzPGUCEDEazVCdPFwGiVmi25NOPioFEgEBAQGFPWVGZQAAAAAA_eMAAA&S=AQAAAhpgoGUp7LJue9qO4VZpiu8
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlhYmJiZGBpaWT2C8E3NDS3NAMAKPIeOyAAAAA
.ctnsnet.com/ Name: cid
Value: aa3f65c769374df89b1ce0ac593ef81a
.w55c.net/ Name: wfivefivec
Value: pd3CufmI1QWuVt5
.doubleclick.net/ Name: APC
Value: AfxxVi4mYBWwWji48idAkk5AgASmeBNaCTz9jEy0rkFmtLgO3oRxZQ
.w55c.net/ Name: matchcasale
Value: 5
.pubmatic.com/ Name: DPSync3
Value: 1699574400%3A197_201_245_241_235_227_226_219
.pubmatic.com/ Name: SyncRTB3
Value: 1698969600%3A2_223_15%7C1700956800%3A203%7C1699660800%3A35%7C1703548800%3A69%7C1699228800%3A63%7C1699574400%3A88_46_8_254_13_22_55_243_176_204_99_81_71_54_251_166_165_161_233_238_21_56_214_3_264_234_196_249_220
ads.playground.xyz/ Name: connect.sid
Value: s%3A7LD7aU-ACYii9rpUhMNFd6eO2PYkqFnl.eoQ3G0wSAyE6FzHLNib74WImexLa9THi6sE8sQ09eIc
.zeotap.com/ Name: zc
Value: 0a23dad5-8efd-43db-7297-362597301732
.onaudience.com/ Name: done_redirects282
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003&KRTB&17107-RX-7fce20dc-2c10-457e-9a01-fe8e7009987b-003
.pubmatic.com/ Name: PugT
Value: 1698444213
.semasio.net/ Name: SEUNCY
Value: 807D512CF46C0E3A
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 159835:4
.tribalfusion.com/ Name: ANON_ID
Value: aFntuJrZcAQ9BqEr72it9ZcQrPV7iiMSNmRSDjXRN6eF2tuLAkryZbF9xQ72MS3lYBWYHp17ufxBiVWgTbGHNepQMZcL
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1698465815239
.pubmatic.com/ Name: SPugT
Value: 1698444215
.googleadservices.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: icu
Value: ChgIovI8EAoYAyADKAMwyOfwqQY4A0ADSAMKGQjy8oIBEAoYASABKAEwrefwqQY4AUABSAEQyOfwqQYYAw..

6 Console Messages

Source Level URL
Text
security warning URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.dailyfaceoff.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.dailyfaceoff.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B25261B6-EDE2-464E-8639-81237415D144&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
259f49d43f9ce59c9f2afc839769d37e.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ams3-ib.adnxs.com
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.adnxs.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.optmn.cloud
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
crcdn01.adnxs-simple.com
creativecdn.com
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dailyfaceoff.disqus.com
dis.criteo.com
dmp.adform.net
dn0qt3r0xannq.cloudfront.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
edge.aditude.io
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
futbolsites-d.openx.net
geo.privacymanager.io
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.minutemedia-prebid.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
krk2.kargo.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
region1.analytics.google.com
rr4---sn-4g5lznle.googlevideo.com
rtb-csync.smartadserver.com
rtb.openx.net
rtb.primis.tech
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
video.primis.tech
www.dailyfaceoff.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ad.mrtnsvr.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
104.18.36.155
108.139.243.64
108.139.243.72
108.156.46.25
13.224.89.83
13.248.245.213
13.32.119.77
141.94.171.216
141.94.240.143
141.95.98.64
142.250.184.198
142.250.185.226
142.250.185.98
146.59.148.16
147.75.84.158
151.101.130.49
157.90.3.144
162.19.138.120
162.19.56.86
162.55.236.224
172.217.18.2
172.64.149.180
178.250.1.9
18.165.201.38
18.165.242.110
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.81
185.64.191.210
185.86.138.122
185.86.139.93
185.89.210.101
193.0.160.131
195.5.165.20
198.47.127.205
199.232.196.134
2.19.244.232
2.23.197.190
2.23.78.67
2001:4860:4802:32::3
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
209.54.182.161
213.155.156.165
216.52.2.30
23.211.9.60
23.212.89.194
23.88.86.2
2600:1f18:ed:550e:78e7:c13b:e422:f8d2
2600:9000:2251:9c00:1a:5235:f980:93a1
2600:9000:23d3:6000:1:6448:6d00:93a1
2600:9000:248d:e000:19:b6f1:d180:93a1
2602:803:c003:200::61
2606:4700:10::6816:1957
2606:4700:10::6816:337b
2606:4700:10::6816:3d77
2606:4700:10::ac43:7b0
2606:4700:20::681a:9a9
2606:4700:20::ac43:49c2
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:22b2
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6812:1791
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:1d::9
2a00:1450:4001:802::2004
2a00:1450:4001:806::2001
2a00:1450:4001:809::2008
2a00:1450:4001:810::2001
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:13::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::282
2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e
3.126.163.234
3.126.229.145
3.226.11.122
3.65.107.250
3.71.149.231
34.102.253.54
34.111.129.221
34.111.131.239
34.253.158.202
34.95.69.49
34.98.64.218
35.156.243.142
35.186.193.173
35.204.158.49
35.214.196.36
35.227.252.103
37.157.6.243
46.228.174.117
51.255.68.171
52.18.114.103
52.210.247.62
52.223.40.198
52.29.154.74
52.7.64.161
52.70.155.97
52.95.125.22
54.171.212.190
54.192.137.23
54.72.74.77
54.77.223.222
54.92.137.241
64.227.64.62
64.95.96.108
69.173.144.137
69.173.144.165
70.42.32.159
77.243.51.121
82.145.213.8
85.114.159.93
98.98.134.243
00a54e9d080a2f18c8af7ef85a96f6c25f4cb17352f050ff91abb37cbb606065
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
01dae0ec506162147fb3866741d9abbd1d30fe98893260cf8579a64d0b0467c8
030dc3d4c76a9e1455644574ca644448fffd8edf570ad08ca3cd88fd93f912fb
03766113c60c5d25eafad8cdc67e574807b70422c26f95182d741020ab972326
03798fac6a1ae0c8e7d89a6c656f7c16ac00098c6616065517669d090ea35ab0
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8
050c0d9511bae6a567e94d1b81c5a673e64b32b308caa21167e4c5e61dc56082
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05bf9f66804f5b3fd3709c98ce41ebe1a4a9ce41383afb559282b5d035360960
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d3bb19645c6af96a0180f8eb4067f9133d372c078877ff2bc4ee006ed636a5
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08111d73cf694f4b8b7339301e9bb8f18326ff8e5bead87bbd8d7a9ead6e74c6
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0ae6c62a2a9c69aa427f3da2c542ce0a6572ec9a24d99c0cbcc27dcee10eeb09
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0d0d7fb08d7547fa79382cb831947edfad740c4ffecc9061f5ef4fc0ac198000
0f120e2007bcaafbbd76bfc0898747be2d8630e31cdf9a494b9a54de1355b9f8
10d94a22970df2a98d64662d138f8b6f1a5daa5782171d5de312fd06a850d9f6
11c185418c3c0126b6bdc8f4bdbbcac2699df371dc8932d29a23b17405ef4558
1400b94e62135a07b8794d3c7974d851cc2e914dc1d0fb93ba7f03c0b189e905
1499460ce5ec80dad274437e10869a4930ca9c892cb852ba90efc3464767b51f
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a72cb0a9f83cb4dec370c4a53fcb46aa12eb35cb7ce405672bafc38bfcae913
1c9e093dff3dccca5949b2ec7d95ce0fde4a030d56f866c05f97c34ef6fd54c1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d46e748a88ff7a7d8778dfe7b7e8a1040a855addf48938cde30f750558f2da4
1e2e5c32b1e1de0fb17834f86fb384a14e2dd0d4acd1a70221c1d27dbe0020ab
1e415ce18d1c20134aa56944a491f4e954ebf91b77656ebef2433e52cf481265
1fd10b6dff01533ad0ad1a6d06296c246270001ed05b326d2d377ec219442f54
206ec692f682e7210dc8e768e2233b0fdbb31413124e35f116764bde81eeb329
212a077fc8d15db8bb5d801963a24f52542b8af89e59f5ee151c5fbbc1235dea
216677b257b8aa0f42f6310e3b018a3cbfd423647c9f8ed0197f2afa584d6f18
21eec8e1c1f559cc6e31e5077ac9d5596162f36d38a13273274ca5e107e32de7
224dec49965a4bc596215b09bff280e01af7361134187ccbcb09673de47a9715
24fbec8c97a011616f14985e3ae0546618dbd22685d2edd0bd68f60abb2a27f1
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
26d2abeb4371a352156672f104dc7c72e0e22b14a608f44d1eb31e44964b95b0
28a22a3757060d4ec2f043ad5697391c3b189408f55395c733db8ddeeef5183e
2951823ac94f74528fc366f147a6953c5cf0748e46af7f5a49a3e45bf87ff0c3
2995971231b162fc5ed1a7125c1703948b221f3175a027721b3306900dfa503d
2a3b7a345b18da5b6360c15ddca29408d6883d8b701933ccd87aade7cf013650
2a991f46b6a11a88cb67c2ef91c8c60ce64a75ab2ff7da0e3baa8aa95d2e90e7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2caa974d7665ec8b54d3068650888b9180502b015283f5b69fba9b6dadd2e46a
2d09ddd3e6a62c7e77c9c17a99a9f3136d6da9ff926129f3cd5f93030bc80a36
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbb2049b6445858d9958a6aeb5043e600645aa955d3d0fa4d8a8198d3b71890
3093a5eb02b0d59e0510730bb6b6a8515942fe212b9ccd5e85ed9cab9266caec
327119fd40afcac838ef7d83e3f2dc4441219f4eadf4d8ed87e191bf71cfe182
33db68ab9d17ea9fa1a0c8e2291be98094f621f0c12a664384aa4182a5a3715e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374ec0bc6ed4dbe80d5b50ab1df72969a871ee0bf6213c7f6e378144b8702ce3
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b36491a598a385ee55fad7149712befe6be8f47eb58be511e560ee0bb2e3635
3b5c22b1f5551a2c3481a1f3ee1aa6f5e6525598423350ce528f075ac2f240f4
3b756d84fe739bb9f17ebc31396644e121e0765ac8449fb55a7522064d9fec27
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de7b02c8eb7669f21ac1831b7f1177c51689ffa3bc2175e40f91a90d4868af2
3e3ca049a956dcf79390d6ca118b1b631c705c905a987a1460e8175dc06f12b0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6a0baf7dbbc5ac8a75e413c851d73bb484b8d368f02c28ab08865b98b3b3bb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444648323745843fa6c9dbd51b320dfdacd718d27699d779310b87b92f5a27a2
44555bbe54bd61ebd3bcd2046a94e52fdd95e054ecb24f93c758fb9a7387f531
460f1244842bc6da64dfe2d9a5db61ef9198d54e94b649dea6be76715e7d968c
461d9d9ddb4829b826ede451b55580827053e6b4ec75b2c44fce2673e5b75fdd
466d845199969b74e099d521272075374d5cc1b1c28b94f3f6fa121ff0fe5926
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b9fdb121825cd610e3b74c681f5c2b8ff67c5dfdaff39db0c87c1d38aebe53
496913b9c2146703e5452254e115bfa25d1e6e690138448ed9a47757c8fa6826
4a464f656557d4f3533034f21ce23ce2fd1abfb82a2e43a7e4c7ee51e3fdca57
4aa3741725a3cfac0fde7e55903de1c4b18765636f546bcc8651523e617c3a0a
4bfd16961ed1b30e30101c7daa373b554902b425ffabeceaab8ff67aba419233
4c26159db4251ab0d14fc6a849a6411ddc16ffb0cdd54a09e8a03ed9f6993f51
4d6aa5b4c845b8f9ff6d96aa75daf97e312f5c81a96f442a379c30c08a4c6bec
4dae096c3cdf083300d4fb6aa7487b87c5eba0ff39b10933cb680e50eee9117e
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4e50e6c72911f039e930dd45727136c161a1d5b9939aefc8a6a92d1b8525cf52
4e93609719fd02ee4384c0230d3ce4fcafe153ce351d73812cd45bf752c3004e
4ea3b2fa1d671b8a073c7109f4bc263bbb246f2a51d767c99c1ef7d342879153
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5061a5007eb8d4180f555ba0848d0fe3f87928aec22825c7b76ee82f65fd4ffb
515f56f8b3cda6c2aba377ec9073722efbdf0772b2c7322e2047bc0a01883232
51ab6f42a961d8f55f5039531c55d9842979c735ee6ebb20d9f49d03a36bc1b7
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2
54fcb38f597d69363255918f56c83647802ccbc43cbaf4cd6aa198ea30785513
55307baebb414e28a8a9efa6ab6792c4186925ed493b00017277f4f5f72b73a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a4a6d06759abb4e7a6d1768597d7c40f333677b71f273280c9dc0a04d7197b
58675944f159bb03366620a058caccc73f8db99c00994e96b638dadd0551aed5
591d804fde68bca3eb9c2890ca13269d32e69b934015c835c58bf3fbcbc0882a
5a92be1a9cd1d6b36e5e9a8405ba52e0048926a2c29b785a1719a7a4f0c04bea
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d267b27ee5f06ff7c3409835a916da8cbfff5f4d0fd4f575d1420c855ff6fe5
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e67335c603ef9a7dc07cda3f956cf34ced7befb61dbd12374ae28bcf3682531
5f4992265a6b21572af609055b8b9a5ee935be537d48b47275d500c9e7a7277d
611507bbabf28ba655ff46a9c2f4e0f30b2865408636783d283a86d93189f429
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62315e238f1c1ec55dfce9202d2ecedd042d968075bc4646bcc3e20edd38c212
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
648a37cdb9a12dfff993e1cc6fada2f2ffad3f11863338175728b5b889015c55
65534fdafbad9cb1acca833772bc23a5d03e1a89f1ae44f34699b522e023a11e
65dc10bdae421dcbb55ba2750df1d03f818100312c66e891cd89d8401033a795
660797c49f533020143df901172bae184da6973eadef65d29ecc4f69c55d1743
6750e55727cb658d6e61e2031b2be140bad3ca2703278aaa2e9f04dfb15fb9b3
6879cf6bc81539d5dd0f4c42bb43c2ce92e87cd830047f6791c91671b7288ea0
68f139fbcbee46376d1962aa24f994aa880a8ab736a1868ae29538b3d2398068
6a64265352b73d13aa9ad12d5e2a303bb4116082641468d8b2cbdf58acac90a1
6b82cf647adadca17e7bff6a803d9a34f1918256c2d8625a5461c639c4468591
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d24e19854f8b2802d7d9c4a93b08ce89ebd2b544bade662b5dd59573969ecc9
6d2f13a01b414123afd25f281e7f06ae7e99e9bc3774f74b8cd8b8a9695f61fc
6de70cd3ab2a39395bf25cfc37abd5994e25c9be96e73de4d0dfe60c635630af
6eed3f9a44f8265ab7239401f9917625bcfa9ced66220e43743145067012069a
714b7407d185b4c1f3059d9443f90413edd4609012c36baac81d01992f913008
741108ae832e77a0bfb152fdd2923d055cf45f4332f60b32800c4fa609a90374
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d0e1101dc27c87c6956c676035c917c751ed157df687c3d409f3f1377246f8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7906dd8ee5297a81dfb6958ea188e72b1c889b2a162f67077476e2b3dcd43a24
79e67e47de355ef95089f44e5c91930a1ea080548bb035188fc7bac736533783
7bdbd49fc2840a0bedc3cfd93eee56befb12b4ae64c76dc0b649e8d8030810d6
7beb1d5568b1eb43005f615592c4cec893fee9c3253a6382a5fa7a415cf9bd79
7c6d187ecaded849274b37ffafaf89fed00521487d2bb63302bfc7994cee4146
7c7374e903dffae4b243c3c74d03ad3a266c0ce0cc2e26851ea42238ced630c5
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
8146d40c6b1a268cd9d07ec4b96c79c4912c7c96a57224448e826332109ca9d6
81a4821f3a3f567daaeecd9056faeedb12611908bb9a9b9f5baadae5438b1169
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83769670204f19ffa20a92887cb9b00769927d0fc60b70c94252030941a56225
840ef5f125c6bbffe74cc756fab25709b5a6ce539803e1b9b2410c8386557ff2
84b9ce33e46b56d2618938dfa42e575f80f8a1ddf31ed0a559258892b5279c66
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
856b8e5613167bc024c5fd800987c0cd296c9244a1f5eb6e58fe07023c02aca2
85e7781590b033b135f5dd35660b0395e7d7d56b3a2fecd82d144fd0ead8b370
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
876702a557e79418c29be6c55093cbd7e42f5195486183a54e69937862c2f037
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b61c56f7865331545d46697d49e6f08ecf17aec054fb4765394c685d72b8c82
8b61de031c9ca1a2595e7f6e33626130f32d5f2cb64ff2075cb75f4159aa2be1
8c83b9857077961a37ae8bdf9d1387abe6f1dcbe9de7d476271bb2c73c6af675
8c88e7a03a4a35314629f22a775db537bcb111d5ca95c475fdb35883b850c0cf
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d98915ed3cb9a5adbc271b167919c3f6d3dbafb4d690cb77c5765998e3dddb0
8da870fddc73389a65817e544819ad05fa8a7f595a93f657ab151f271d3380a7
8fa2304416c7666ddd843d6c090170df851181a43cf8244572288a027f9fd0bc
923632cafec423acc02c425b1e733ba1f715391a67d36fec7c1d3156170d5c71
93167d5a788d84153a48591535fedd2933ce6bac0cbc6b26dea9d666b72fb420
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9650c2f047b36768b976528d0a79622dd201ffb17c6bdb499f7de288a3e1e9f2
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97a7f1daf10f16f2e3e0b95440ffe6d0f1fe0b2f9f8c94d5a0158a266553f878
97b2caa8dc8f84c85efa039743ebbc7331fa840f544671544345c601ae88c277
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b38b7f9c7847bf7cbafc5d23579e6604b26ef0cacdb6910074734d576ba4db1
9c7a3ac0e70919989eeb785a9022d521f2f62ccc60ad907db13b1d6a546e3950
9c8e933852d168773d7d40514f550910e7731858c101e2d0654fcad6c105dd83
9dcec6cc997aa70da604139ad55428aa079c0bb72f9c56bcd01bbd13ed35b130
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1818e9f455a694eff3539467735274a6be6d4355a6e47a6545e46d984df0187
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a32e726771fae845099a4e20226724d9a5f691ba6a9d53b72f9f81b7990a7b8c
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a54790c816cd58bfc91796efed376b5f0554a52a74d48202af3ef2e919c6e12d
a5cfd91813dc1e977c25b2a04359f4752bdcb0d878097a003c3e9bf4db003093
a79795edd32df5096ab7052f4d9c66d0fd6a5a515ca405792f56d0e334e71734
a7e685bd4d9d9b602daff6f98766e32cedaa9e670d294adde5fc6ce662f2573d
a7f24863f9ca4da524603ea1ee73f4c1a139b4e9d9dcd2d4e87fb7d704779d56
a84bde1fe730fb30eb7ec5f5d358d16f9438ee40309e57e20bf93a2f86b3b732
a8c5ff159e7d983540e9065f29ec868fa182eb199438e25bbf52a4d093682683
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aae141a10815da23307e21f87d55c9b0a80de1600dddd83e0164b8c9b03a202b
ac1b23dbeb99bac0e5940f3609753e6f8a821a4d10e269e4002a3b3254b267ac
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adc7b78ad3e891ff65e5f879e620b87323a1eb02daa64084d76c3f5d626184cb
af73bc60ca28a31d86c8090b69c684f6a07ee624b4a048efd5af4cd49604586e
afbf2f12b4f81e325d436613f0994b0a25ce4dea459fd2a5fd20ca5d5b93d7fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b274b46ff98a2800b10fc6bfd1022c3ad0b5bbd3eedbbca44c6db1ff8849f69d
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b4ca989cec583ed69b2df63c05d91ead25e13201945d9cc0bf9238a1a4d96045
b4e00fc9cfa7db225365e542d39be275242939d77efb176591250bb555692913
b572921812b7e72232b39687e746c15973e594211c223c5bd6158766cdfb2ee1
b5d262d92e543246a595d1b20ad250ffc44d0a4efc568d42c4dc39cb36bcc65e
b6a60b3665380654749d0d620b22d301d4a4d8ad740a41b3973e87f4b4020b43
b799af9aeb4d9b136c55a2c3e130bd6ce7d094009a9680d02d6575ececcaeef4
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bab3aaa8dcee55305b68434d9c09686160bc52fc2667b916b56cbf9e509ca1f8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7be030a24340f6fb74fd40e72a48819cad39e56305df75a4e9fc68fb0c4f1c
bc50b0daca7448b2b0a0f709545ae0f964555d05ca2fd5e9cff5b22577aea292
be61b415cff21e9526255f6e8478bfafe2179ed108a12aea9a40f814092b2af4
bf384fe6f0a73346a440660c76ba82c3e9b384adbbf5cb95197bd658a7150db9
bf3d8a50ea9662032b5e213d1dcb676b3129bc00ea3622bdac7f9ef00182e249
c19af2b5bffd688812dfdfceb887898c4a8cb73ef566dda5777db4f22fb55440
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36b426ba3041eaf0bbf7c9230e8feaf7c3e6a9b8a5c3e95b47780332ce87ee4
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c718009cf83f5b2de9ccc52e7b8d0c7f8ad3dcfb965a6ac190ec346a4901fc3f
c73e71693ae2d6b47e3af52357f5709628e1ab6f1a3e68546546b89423a0575f
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c98ec9a89e3a60b3cbd15d43724c922ec5b3864e2eddf211f1f51263b7c3327c
c9cf6bfd47e958bde8fb8a21df87654c4238f813ee91d16aed75a81cd924a8e1
ca4f93f9b0859a75d23927946792ef524cd8211ecf05adc83e1e686fa6e69b85
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab9e938cdad5a79fc01a94c8f53908163808402687a450311fd74d0d517ea01
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9
ccc17794bb562f5d3003d7618d3f6e3815bb4da70e2a0b4e5dcead5784519288
cd00f32aac73cc85d1c849f8c97e7baa0ffe1716815f1bd74f05ced736bae193
cdc0b6480fa0cad16fdc99115734b4b76cb8bbe59c7b4d1c71cf75943623e1c5
ce76230f57c0a5804fe4a894fdc4dc763019463eb7fb545e3f75fe5df7f2572e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfebadc922e70c97b28be4d1cf1e3c4d8798c8111594f2dc38852fae9b7f8641
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0fbb77cd3405dbf120d958704831ca81e7d590b2f78431d20acd9493f124cb7
d42c0a4f26113d4c1846e1db418523468847edb2f9dd428a2dd49810bc3d4bdf
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d6e19f6dfb0cc5defd6d462aafce266c6f6bed63500aaa26225460ed08dd4ebf
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d81213e01b51d8d11f09d46a132fd11f9c8c1028e5d3d711254c4c05754623a7
d94bd1dff2b8bf4be2d2f75bcf67e61029e5b53d75e4ea27e0c4356a98d45936
da97b58476f441539800577d0d4e1a5940c63ace844961be0993e1a0ba999fee
dc5d9ca995a55caa58caf374359e64572afddf0cc6cd6109fc063389ed35b1bb
dc8818ab3f05897ae6608c16085d6194ebc3e120ae3acf3c68bbcea020018008
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
dde872fe6118bcfd6e6af73c59219670001dc90fc5a52845c24bc46b15727988
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc7613cf6cbe9af2ae4fdd0fa577120b30b135709bf8d03d16496dec9640f69
e0cb3a2656b642eec435dd8e72bb737734fc69af03edd834bb34493df614197b
e2046d0dffaaff13d278ded237ca0480d379f691f8c46017da3d383736d50e23
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e381e6206bcf05d9361a7a607f8746a696929868662a1189df33e5fae31fbbdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5b9953547fbf8a5b445207cf320f92a314fe18741b78e558aac727ddba6dff0
e77a464af87629a27feea4fd850774095aa96475f6fc7d2b7a9412f1f98cf459
e98f395bb8929b75791c82b3ef51416bdee0a0b4ef9f7f1fa06793cd5ce77316
eaf1cf8e4e22793e55296c30274d2f41f4d0452b39e0c1cbc01ad2a5086140f3
eb383daf5ac5f98ee1e961fe37ddf9f91e931bb1d0ab0bb07eb0b821e5ff8e11
ec3536952a4a1c0a15e8ad6fe8993a2e7fbf2fde8bc537b4a77c8684aa6521da
ecd6d4008a513ebda17dab40bafc1ff439ac084bfee57e6e4259ea741bcf67f3
ede96f7235536cf53e19694f7b688602ab6aa087b14b0526a854e54aab6a5602
ee518897d1c978ec75514fa74f4250ac3ee6164bc9625ba044042276d07c8fcd
ee649a18fb07a5c076fa66c61321f6a5fe3d54b971a2b78dbbb83ab55dadfa56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e3d20bdf9828968f99d6cadd764d147cf494947cbfdafdbb611760cb5d5a9
f286a73d4d1d68bb440ae8d6733c6e97e355860130286ad2db1cedb4c837a0f9
f314fd73c799e8d26e1831a85d38db69d40ee984d7b26233bf89a66f933bcd5f
f4033c8654d891b70f8402d7b2c19752ad70f943c9d05151abce2d3e2507c6ab
f42e18ef245c24dc9fddc4634bb45e82da91636a80aeafee95cb13d9b739117c
f4a244bba173746bb344d9da5e64977d078c97b29b2656e5e189ed6809f02db4
f54934e516d59ec5ca986e291c5445907c9db651e73988fe1c50fac7a813aaec
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f97c1f41fd7fe19224ec65bc340835a8901df80a9136bb26b9aa2549293f9585
f9c4716596e995d114d45a22e4adfc14eb492e37edfd12be58c2cfd122bc992f
f9e1d50b07a89e8f38a392ade671edd2fc8600a511745b877df5d4f0ba5997ac
fa7ee2a418043698daf720cd177a4f0b5172484a05fc604cc0294b099ed0c647
faeeb447489a22cb3134f5801c870b878a0ffb3d159b7c25d3d591c8ff4aa36c
fe4fec1eb01cadd69cae4a07801c7b799fae9dd2183f3a508da4636cc73e0247