urlscan.io logo urlscan.io
SecurityTrails logo

www.dailyfaceoff.com Open in urlscan Pro
2606:4700:10::6816:337b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.dailyfaceoff.com/
Effective URL: https://www.dailyfaceoff.com/
Submission Tags: falconsandbox
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 101 IPs in 13 countries across 91 domains to perform 413 HTTP transactions. The main IP is 2606:4700:10::6816:337b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dailyfaceoff.com. The Cisco Umbrella rank of the primary domain is 514167.
TLS certificate: Issued by E1 on October 7th 2023. Valid for: 3 months.
This is the only time www.dailyfaceoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 132 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 34.95.69.49 396982 (GOOGLE-CL...)
3 2600:9000:225... 16509 (AMAZON-02)
1 199.232.192.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
22 2600:9000:212... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 3 65.9.95.81 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
6 52.222.208.154 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 54.93.221.31 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
3 52.57.151.220 16509 (AMAZON-02)
4 145.40.97.66 54825 (PACKET)
4 52.59.116.26 16509 (AMAZON-02)
4 23.88.17.186 24940 (HETZNER-AS)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
2 16 104.18.26.193 13335 (CLOUDFLAR...)
3 63.33.109.54 16509 (AMAZON-02)
4 14 185.89.210.153 29990 (ASN-APPNEX)
3 52.48.84.121 16509 (AMAZON-02)
4 178.32.210.226 16276 (OVH)
3 216.52.2.39 32475 (SINGLEHOP...)
3 35.227.252.103 15169 (GOOGLE)
4 185.64.189.112 62713 (AS-PUBMATIC)
2 162.55.144.218 24940 (HETZNER-AS)
2 99.86.4.39 16509 (AMAZON-02)
4 13.32.119.77 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
6 2600:9000:212... 16509 (AMAZON-02)
2 65.9.95.63 16509 (AMAZON-02)
2 23.57.19.78 16625 (AKAMAI-AS)
2 65.9.66.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 37.157.6.233 198622 (ADFORM)
1 69.173.144.137 26667 (RUBICONPR...)
2 13.32.27.122 16509 (AMAZON-02)
1 5 52.48.43.143 16509 (AMAZON-02)
4 13.32.99.122 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
3 162.19.138.118 16276 (OVH)
4 52.223.40.198 16509 (AMAZON-02)
4 104.18.25.18 13335 (CLOUDFLAR...)
3 23.32.184.192 16625 (AKAMAI-AS)
2 76.223.111.18 16509 (AMAZON-02)
4 95.101.149.233 16625 (AKAMAI-AS)
4 7 185.86.138.154 201081 (SMARTADSE...)
9 9 172.217.16.130 15169 (GOOGLE)
7 8 52.208.23.16 16509 (AMAZON-02)
7 9 52.203.124.67 14618 (AMAZON-AES)
4 5 37.157.4.29 198622 (ADFORM)
2 157.90.211.246 24940 (HETZNER-AS)
3 6 185.64.190.78 62713 (AS-PUBMATIC)
1 3.120.99.213 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2 67.220.228.203 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
8 185.64.191.210 62713 (AS-PUBMATIC)
12 198.47.127.205 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 3 3.65.107.250 16509 (AMAZON-02)
1 1 3.126.233.203 16509 (AMAZON-02)
2 2 52.6.137.171 14618 (AMAZON-AES)
2 2 64.202.112.127 23352 (SERVERCEN...)
1 2 151.101.194.49 54113 (FASTLY)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 35.214.190.155 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 63.251.232.165 32475 (SINGLEHOP...)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.242.204 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
2 2a05:d018:d29... 16509 (AMAZON-02)
2 3.71.149.231 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 64.227.64.62 14061 (DIGITALOC...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 69.173.144.139 26667 (RUBICONPR...)
1 2 209.54.182.161 16509 (AMAZON-02)
1 1 34.160.19.107 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 23.32.184.180 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
1 54.84.240.181 14618 (AMAZON-AES)
1 2.19.126.143 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 2 2606:4700::68... ()
1 23.88.86.2 ()
4 4 46.228.174.117 ()
1 2606:4700:10:... ()
1 2 77.243.51.121 ()
1 1 141.94.171.213 ()
1 1 34.102.253.54 ()
413 101
132    2606:4700:10::6816:337b (United States)

ASN13335 (CLOUDFLARENET, US)
www.dailyfaceoff.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
5    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    2600:9000:225e:3e00:19:b6f1:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)
dn0qt3r0xannq.cloudfront.net
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
dailyfaceoff.disqus.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2600:9000:2127:b600:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
rtb.primis.tech
3    2606:4700:10::6816:3c77 (United States)

ASN13335 (CLOUDFLARENET, US)
edge.aditude.io
1    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    65.9.95.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-81.prg50.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
flowcards.mrf.io
1    2606:4700:20::681a:b4d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.optmn.cloud
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    54.93.221.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-221-31.eu-central-1.compute.amazonaws.com
krk2.kargo.com
3    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    52.57.151.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    52.59.116.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de
shb.richaudience.com
3    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
16    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
3    63.33.109.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-109-54.eu-west-1.compute.amazonaws.com
hb.yellowblue.io
14    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    52.48.84.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
4    178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu
prg.smartadserver.com
3    216.52.2.39 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    162.55.144.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy04.cl03.het.mrf.io
events.newsroom.bi
2    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
4    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2600:9000:2127:e000:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
video.primis.tech
2    65.9.95.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-63.prg50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
2    23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    13.32.27.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-122.fra56.r.cloudfront.net
launchpad.privacymanager.io
5    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
4    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4013:c1a::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
9    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
8    52.208.23.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
9    52.203.124.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-124-67.compute-1.amazonaws.com
a.audrte.com
5    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    3.120.99.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-99-213.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
12    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    3.65.107.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    3.126.233.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-233-203.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    52.6.137.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-137-171.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    35.214.190.155 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 155.190.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.242.204 (France)

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3601:bf41:b326:fa86:2937 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
futbolsites-d.openx.net
1    54.84.240.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-240-181.compute-1.amazonaws.com
rtb.adentifi.com
1    2.19.126.143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-143.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
4    46.228.174.117 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:10::6816:1957 (None, )

ASN- ()
mwzeom.zeotap.com
2    77.243.51.121 (None, )

ASN- ()
uipglob.semasio.net
1    141.94.171.213 (None, )

ASN- ()
pixel.onaudience.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
132 dailyfaceoff.com
www.dailyfaceoff.com — Cisco Umbrella Rank: 514167
947 KB
35 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage2.pubmatic.com — Cisco Umbrella Rank: 959
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
41 KB
28 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1985
video.primis.tech — Cisco Umbrella Rank: 6591
rtb.primis.tech — Cisco Umbrella Rank: 6309
1 MB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
136 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
44 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
10 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
142 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1721
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
7 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 984
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
27 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
6 KB
9 googlesyndication.com
0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
55 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
4 KB
8 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3462
launchpad.privacymanager.io — Cisco Umbrella Rank: 3214
geo.privacymanager.io — Cisco Umbrella Rank: 2195
35 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
25 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
dis.criteo.com — Cisco Umbrella Rank: 648
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
8 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4617
dmp.adform.net — Cisco Umbrella Rank: 3616
c1.adform.net — Cisco Umbrella Rank: 643
4 KB
6 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4325
sync.richaudience.com — Cisco Umbrella Rank: 2114
1 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
2 KB
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
27 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com — Cisco Umbrella Rank: 498
359 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
1 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
870 B
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
futbolsites-d.openx.net — Cisco Umbrella Rank: 117163
714 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
212 B
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1193
match.sharethrough.com — Cisco Umbrella Rank: 621
519 B
4 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
119 B
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
32 KB
3 1rx.io
sync.1rx.io
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
898 B
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19201
pixel.onaudience.com
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
1 KB
3 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4304
1 KB
3 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2980
1 KB
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 3009
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
3 aditude.io
edge.aditude.io — Cisco Umbrella Rank: 14553
154 KB
3 cloudfront.net
dn0qt3r0xannq.cloudfront.net
61 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
952 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
768 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
688 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
3 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
994 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
983 B
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
34 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8041
2 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10215
flowcards.mrf.io — Cisco Umbrella Rank: 22000
35 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
89 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
161 KB
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
92 KB
1 playground.xyz
ads.playground.xyz
463 B
1 zeotap.com
mwzeom.zeotap.com
439 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
527 B
1 truffle.bid
matching.truffle.bid
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12024
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
695 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1274
35 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1907
350 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
555 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
104 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
187 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31844
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6854
277 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
795 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
225 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
705 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6982
346 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
524 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
280 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
17 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 optmn.cloud
cdn.optmn.cloud — Cisco Umbrella Rank: 26475
31 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1649
563 B
1 disqus.com
dailyfaceoff.disqus.com — Cisco Umbrella Rank: 935048
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
7 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
29 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
413 91
Domain Requested by
132 www.dailyfaceoff.com 1 redirects www.dailyfaceoff.com
cadmus.script.ac
static.cloudflareinsights.com
21 live.primis.tech cadmus.script.ac
www.dailyfaceoff.com
live.primis.tech
12 simage2.pubmatic.com ads.pubmatic.com
12 ib.adnxs.com 2 redirects edge.aditude.io
acdn.adnxs.com
9 a.audrte.com 7 redirects ads.pubmatic.com
9 cm.g.doubleclick.net 9 redirects
8 image2.pubmatic.com ads.pubmatic.com
8 match.prod.bidr.io 7 redirects ssum-sec.casalemedia.com
7 rtb-csync.smartadserver.com 4 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 video.primis.tech www.dailyfaceoff.com
live.primis.tech
6 c.amazon-adsystem.com cadmus.script.ac
c.amazon-adsystem.com
www.dailyfaceoff.com
6 securepubads.g.doubleclick.net cadmus.script.ac
imasdk.googleapis.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.dailyfaceoff.com
tpc.googlesyndication.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com www.dailyfaceoff.com
eus.rubiconproject.com
cadmus.script.ac
4 match.adsrvr.org live.primis.tech
ads.pubmatic.com
ssum-sec.casalemedia.com
4 geo.privacymanager.io cadmus.script.ac
www.dailyfaceoff.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 hbopenbid.pubmatic.com edge.aditude.io
live.primis.tech
4 prg.smartadserver.com edge.aditude.io
live.primis.tech
4 htlb.casalemedia.com edge.aditude.io
live.primis.tech
4 shb.richaudience.com edge.aditude.io
live.primis.tech
4 tlx.3lift.com edge.aditude.io
live.primis.tech
4 prebid.a-mo.net edge.aditude.io
cadmus.script.ac
4 i.clean.gg cadmus.script.ac
3 sync.1rx.io 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 ads.pubmatic.com www.dailyfaceoff.com
ads.pubmatic.com
cadmus.script.ac
3 tpc.googlesyndication.com cadmus.script.ac
3 rtb.openx.net edge.aditude.io
3 ap.lijit.com edge.aditude.io
3 hb.minutemedia-prebid.com edge.aditude.io
3 hb.yellowblue.io edge.aditude.io
3 bidder.criteo.com edge.aditude.io
3 btlr.sharethrough.com edge.aditude.io
3 fastlane.rubiconproject.com edge.aditude.io
3 mp.4dex.io edge.aditude.io
3 krk2.kargo.com edge.aditude.io
3 sb.scorecardresearch.com 1 redirects www.dailyfaceoff.com
3 edge.aditude.io cadmus.script.ac
3 dn0qt3r0xannq.cloudfront.net cadmus.script.ac
3 fonts.googleapis.com www.dailyfaceoff.com
cadmus.script.ac
2 uipglob.semasio.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 acdn.adnxs.com cadmus.script.ac
2 gum.criteo.com 1 redirects cadmus.script.ac
2 cdn.indexww.com ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 token.rubiconproject.com eus.rubiconproject.com
2 static.criteo.net cadmus.script.ac
static.criteo.net
2 ad.turn.com 2 redirects
2 ups.analytics.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cms.quantserve.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 sync.richaudience.com cadmus.script.ac
2 dmp.adform.net 2 redirects
2 eb2.3lift.com www.dailyfaceoff.com
cadmus.script.ac
2 js-sec.indexww.com www.dailyfaceoff.com
cadmus.script.ac
2 id5-sync.com live.primis.tech
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com www.dailyfaceoff.com
cadmus.script.ac
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 launchpad.privacymanager.io cadmus.script.ac
www.dailyfaceoff.com
2 tags.crwdcntrl.net cadmus.script.ac
www.dailyfaceoff.com
2 secure.cdn.fastclick.net cadmus.script.ac
www.dailyfaceoff.com
2 launchpad-wrapper.privacymanager.io cadmus.script.ac
www.dailyfaceoff.com
2 config.aps.amazon-adsystem.com cadmus.script.ac
www.dailyfaceoff.com
2 events.newsroom.bi sdk.mrf.io
2 script.4dex.io cadmus.script.ac
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net cadmus.script.ac
2 www.google-analytics.com cadmus.script.ac
www.google-analytics.com
2 www.googletagmanager.com cadmus.script.ac
2 fonts.gstatic.com fonts.googleapis.com
2 cadmus.script.ac www.dailyfaceoff.com
cadmus.script.ac
1 ads.playground.xyz 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 futbolsites-d.openx.net cadmus.script.ac
1 mug.criteo.com
1 dmp.brand-display.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 bh.contextweb.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 lb.eu-1-id5-sync.com live.primis.tech
1 match.sharethrough.com
1 id.crwdcntrl.net live.primis.tech
1 www.google.com cadmus.script.ac
1 s0.2mdn.net www.dailyfaceoff.com
1 prebid-server.rubiconproject.com live.primis.tech
1 adx.adform.net live.primis.tech
1 rtb.primis.tech live.primis.tech
1 0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com cadmus.script.ac
1 flowcards.mrf.io cadmus.script.ac
1 www.facebook.com www.dailyfaceoff.com
1 www.google.de www.dailyfaceoff.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.optmn.cloud cadmus.script.ac
1 sdk.mrf.io cadmus.script.ac
1 polyfill.io cadmus.script.ac
1 dailyfaceoff.disqus.com cadmus.script.ac
1 static.cloudflareinsights.com www.dailyfaceoff.com
1 www.googletagservices.com www.dailyfaceoff.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed live.primis.tech
413 139

This site contains no links.

Subject Issuer Validity Valid
dailyfaceoff.com
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2023-09-24 -
2024-10-22		 a year crt.sh
aditude.io
GTS CA 1P5		 2023-08-28 -
2023-11-26		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-10-03 -
2023-11-02		 a month crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
cdn.optmn.cloud
Cloudflare Inc ECC CA-3		 2023-10-05 -
2024-10-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 49 frames:

Primary Page: https://www.dailyfaceoff.com/
Frame ID: 6598DAC2D8CC14D67D06B7CAA5F8661B
Requests: 252 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=113678&cbuster=1697542574126&cbuster=1697542574&pubUrlAuto=https%3A%2F%2Fwww.dailyfaceoff.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 4DB9C58D12F9FB8F9B7CBB5BB34F3A02
Requests: 49 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: A297DA9D6333204703EB590AC7AB8A01
Requests: 4 HTTP requests in this frame

Frame: https://0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 68F768BCDDFBBE0B8753CA31D1F02A7A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 1AA675796F142B814E869472319D9C5F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8B56339D23D46176C067A118D25A79CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A43CECB4CEF0B9390E06B6A1AA90364
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6562D83C0BF25C28247F482148D56954
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 28F6B61B7E83D8B5F374339984290C5A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Frame ID: 35A9079B999554F67C335FE17EEA2932
Requests: 24 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 35745F72AB41937D7C026B9E9377C12E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: D10CA734777F030B84D2B38DCB1D2740
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 10CCD6FEBC00ED62BDD938336394F62F
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F5254E77A6EECBE490A262C5F28123FE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 76601331A2DB2551EB4FA78BD6898132
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E
Frame ID: 81A9F0FFA05335595A83F6B0944CC637
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5130431364717863033&gdpr=0&gdpr_consent=
Frame ID: CA2EABED757C1A94D2C4E1342A323AAB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290889851789899929&gdpr=0&gdpr_consent=
Frame ID: 6600F354D8AD34F19869CC2ED2CE3A8D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 6E35C24126D534409C5764EA0816FF7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Frame ID: 6F481ADDDAE58D072821CCFB29209F61
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: BAADC0ACE7A26FD94F976D636FE68FCD
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZS5xsQAAAtA15AA4
Frame ID: 6DCCFD2CF594BF072F018FD9C2695537
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAElsE7KXOMAABnqMgOumw&gdpr=0&gdpr_consent=
Frame ID: 824A7178BB49114C4DF75947470EEAEA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 246CEE24EC18C34E35C611435C84583C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8e62b9e17dc948efbdd9a25309a01439
Frame ID: DA085E9FF68A815560F75DD42BE4BEF8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DDF523B26117B2CAE3435C843FE55326
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2054724883715796864
Frame ID: B156E64D1DD3AA27ED057633F4B3FF9E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B54F5FF5072429B9B7964A34061D8376
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528278355321
Frame ID: CCED4DD97604FEE891C810EAC54FF2C3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A64008320DD26A2D31ECD793790829D0
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 5399E9B2A9BE5A53C7D5DB5E0F302703
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMTMVjbnXRUXaaTj&gdpr=0&gdpr_consent=
Frame ID: 704400BB71168BA3557E27C953316584
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailyfaceoff.com
Frame ID: 1620081568EBEF72AC7C0052106D45D8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C8B8DCD7E4CF0265AF83580E97EA45D2
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 86234FAFC8D64F711A3AB68566017117
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835
Frame ID: 1737984D238613757785BDC8697D9B96
Requests: 2 HTTP requests in this frame

Frame: https://futbolsites-d.openx.net/w/1.0/pd
Frame ID: 25EB053DC4F872DC8CF33A82A6BBEA16
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 7556480681EF853EB4BB404BC4E48B5E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 78376488581D6083C8D679CF7B1620D9
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5006F24A3AE5C20534730AA94C694FDB
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=9740364049
Frame ID: 98D4769B90C70B0F9E390CD9CD4B366B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C541EBB4CE955502F2160B30F8DC319E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F054F0A3865D4E3FFF81D5A699A888C3
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Frame ID: 5FA9B53CD269B153F421E19A1487B32B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: AEA972AA8B21E2AE244AC853982BB9E7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 31C216201CFD95FB402F66EC6B28584C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9AD5F658D09EC55B04D65EEAD24CE523
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFE09A62A2424248B78519CF53477614&gdpr=0&gdpr_consent=
Frame ID: 1E96F4C09E70A38667D5BD72F81DB073
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-014427aa-d2be-4854-bab1-5993d0eca415-003
Frame ID: 1D26880AA09FD330A30924311D910705
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Starting Goalies, Line Combinations, NHL News, Opinion, and Analysis - Daily Faceoff

Page URL History Show full URLs

  1. http://www.dailyfaceoff.com/ HTTP 308
    https://www.dailyfaceoff.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

413
Requests

92 %
HTTPS

33 %
IPv6

91
Domains

139
Subdomains

101
IPs

13
Countries

3844 kB
Transfer

9935 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dailyfaceoff.com/ HTTP 308
    https://www.dailyfaceoff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125
  • https://sb.scorecardresearch.com/cs/7161055/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjE1MjY2MjIzMjMxMzQ1MjYwMA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEMytBqbpp3tOOQib57hsIlQ&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 308
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEFtU7KXOMAABaJgpTVCw&partnerid=127&gdpr=0
Request Chain 309
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTlsWkJCRk4ySzZRVlNVaTRwUlFaSm0yQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDk5bFpCQkZOMks2UVZTVWk0cFJRWkptMkEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDk5bFpCQkZOMks2UVZTVWk0cFJRWkptMkEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDk5bFpCQkZOMks2UVZTVWk0cFJRWkptMkEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8671380081247465757&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDk5bFpCQkZOMks2UVZTVWk0cFJRWkptMkEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=99l9XERowh8QfeOLOO03RYm6Q&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=2152662232313452600&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 311
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Request Chain 312
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2152662232313452600&gdpr=0&gdpr_consent=
Request Chain 315
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 319
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 320
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E
Request Chain 321
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5130431364717863033&gdpr=0&gdpr_consent=
Request Chain 322
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290889851789899929&gdpr=0&gdpr_consent=
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d27eedfc-2b1a-4f43-8a75-8f70d1878a8d&bsw_param=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 324
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Request Chain 325
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 326
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZS5xsQAAAtA15AA4
Request Chain 327
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFbHNFN0tYT01BQUJucU1nT3Vtdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAElsE7KXOMAABnqMgOumw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2152662232313452600&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAElsE7KXOMAABnqMgOumw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2152662232313452600%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2152662232313452600&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAElsE7KXOMAABnqMgOumw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAElsE7KXOMAABnqMgOumw&gdpr=0&gdpr_consent=
Request Chain 328
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 329
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8e62b9e17dc948efbdd9a25309a01439
Request Chain 331
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2054724883715796864
Request Chain 333
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528278355321
Request Chain 336
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=df7f5c1e2962007c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QMTMVjbnXRUXaaTj%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DEcv7Kmx8QMTMVjbnXRUXaaTj%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMTMVjbnXRUXaaTj&gdpr=0&gdpr_consent=
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QSt-nLHhSeKTsXMJQZQjlw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 339
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=349801253 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=412B7E9C-B1E1-49E2-93B1-730941942397
Request Chain 340
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=412B7E9C-B1E1-49E2-93B1-730941942397 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTlsOVhFUm93aDhRZmVPTE9PMDNSWW02UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8671380081247465757&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDEyQjdFOUMtQjFFMS00OUUyLTkzQjEtNzMwOTQxOTQyMzk3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELzPM4pg7e9F5keSnC69Icw&google_cver=1
Request Chain 344
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8671380081247465757
Request Chain 349
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7859527669293716082&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 351
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:05161ac6-3f95-4080-a37c-35ca8a8f0813&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 355
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFzvR96qGKS0lq65JFHsdho&google_cver=1
Request Chain 358
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS5xsZdnmBoXPAoh6YOmnQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgDqFBfa9fWLIdK0HYaM1Q&google_cver=1
Request Chain 359
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=50dca7c0-4937-00e0-bf9873e8
Request Chain 360
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3WHKtLK1WEJpSw7vaYLmTLKi0Y0
Request Chain 362
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 367
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dailyfaceoff.com&sn=ChromeSyncframe&so=0&topUrl=www.dailyfaceoff.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=azog33wxeDVySWpzRzl2R0pOSE9YZHVhTHZsZVgzVGNxSUx0bGt1eitacU5VeVBZTnRVUzgvckF5NzB6bkNEN1h0WUR3RUc4VUlBSHNudTlFOTlETjV5cE0wNW1vamhHaHFoWmRCRG5WSy9qZkJTOG1UbkZWYmNwWWwvaTQyNWQxWllGdW5PdjhTWDliblNjSDZLaWo5WTlkS01BNXFSZllCWWYrbkxCdHBaSnljV2tUYzNVV1NEdFBNTEZHRTFVcmo1L1Q0OFVocXgwelVSeEgyYmtvWUY2OUx4NzArRSsybExHcVhxZnNxY043Rnk2NE84cmQxak0rd1Q3a3pHWkdQK2ozM0hrZzJ5bGVUeGNaOXpMR3dQZ2xtZmtjWkkvazdDbXJGc3gyaDBLTXRWdz18&cppv=2
Request Chain 384
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5130431364717863033
Request Chain 386
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=frwj8H-4c6RluiimK7o8oiu5c6xlvSClK--972qO
Request Chain 389
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5130431364717863033
Request Chain 398
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 400
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFE09A62A2424248B78519CF53477614&gdpr=0&gdpr_consent=
Request Chain 401
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1697542580364 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4019966294 HTTP 302
  • https://sync.1rx.io/usersync/turn/7859527669293716082?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-014427aa-d2be-4854-bab1-5993d0eca415-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-014427aa-d2be-4854-bab1-5993d0eca415-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-014427aa-d2be-4854-bab1-5993d0eca415-003
Request Chain 403
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=412B7E9C-B1E1-49E2-93B1-730941942397&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=412B7E9C-B1E1-49E2-93B1-730941942397&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 404
  • https://pixel.onaudience.com/?partner=214&mapped=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 405
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5130431364717863033

413 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dailyfaceoff.com/
Redirect Chain
  • http://www.dailyfaceoff.com/
  • https://www.dailyfaceoff.com/
110 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
5c9e5ce0644abd7c452d213ec8b1a7eaec2c294f6d5e0e77a5fb9f10104a0f9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81783e1e9b0f4d93-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:13 GMT
server
cloudflare
strict-transport-security
max-age=63072000
x-matched-path
/
x-powered-by
Next.js
x-vercel-cache
HIT
x-vercel-id
fra1::cle1::z7qcn-1697542573881-e27277b7e02f

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
81783e1e2b2c9963-FRA
Connection
keep-alive
Content-Type
text/plain
Date
Tue, 17 Oct 2023 11:36:13 GMT
Location
https://www.dailyfaceoff.com/
Refresh
0;url=https://www.dailyfaceoff.com/
Server
cloudflare
Transfer-Encoding
chunked
image
www.dailyfaceoff.com/_next/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FUSATSI_19612952-scaled.jpg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4afd8c5f389d8eee43ec5c60addc04182b51a2e3c78604599991cfa1d19b87e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
56860
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="USATSI_19612952-scaled.webp"
content-length
29938
last-modified
Mon, 16 Oct 2023 15:58:05 GMT
x-vercel-id
gru1::28kvk-1697471884775-64c94f20b5d2
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1eeb6a4d93-FRA
gpt.js
www.googletagservices.com/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a84a776d6a35ce68c6a7756392b7efd4fd91a867bb90f6eb4843383ad7fc503c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29170
x-xss-protection
0
server
cafe
etag
233 / 19647 / m202310120101 / config-hash: 13405835948429687525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 11:36:14 GMT
b61016db7bba411f.css
www.dailyfaceoff.com/_next/static/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/css/b61016db7bba411f.css
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e685bd4d9d9b602daff6f98766e32cedaa9e670d294adde5fc6ce662f2573d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1830780
content-disposition
inline; filename="b61016db7bba411f.css"
x-vercel-id
gru1::f887k-1695710856299-8e3e206cdac9
server
cloudflare
x-matched-path
/_next/static/css/b61016db7bba411f.css
etag
W/"98f629791e97eeef817b2d2a40fdc1ce"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1eeb6c4d93-FRA
script.js
cadmus.script.ac/dc19s0tq5ynbc/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e033a4b393c5b7ca056fff71007168b3a5fd34b5f4feec2f0fac8069a2e584c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 14:42:26 GMT
server
cloudflare
age
0
etag
W/"039731745cad1d4a3bc03af24d69b2dfa1f6005b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81783e1f4e4530ea-FRA
4359.0dca074d69b5c18e.js
www.dailyfaceoff.com/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/4359.0dca074d69b5c18e.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0fbb77cd3405dbf120d958704831ca81e7d590b2f78431d20acd9493f124cb7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
925215
content-disposition
inline; filename="4359.0dca074d69b5c18e.js"
x-vercel-id
syd1::9sxmf-1685635080977-49c4990b756b
server
cloudflare
x-matched-path
/_next/static/chunks/4359.0dca074d69b5c18e.js
etag
W/"b94f57d7cefbec7c728aed3e775572b1"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b8e4d93-FRA
8874.14854d1e7b28d510.js
www.dailyfaceoff.com/_next/static/chunks/ 		1 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8874.14854d1e7b28d510.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714b7407d185b4c1f3059d9443f90413edd4609012c36baac81d01992f913008
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1798615
content-disposition
inline; filename="8874.14854d1e7b28d510.js"
x-vercel-id
syd1:syd1::rnxx8-1683724598107-e3c268815689
server
cloudflare
x-matched-path
/_next/static/chunks/8874.14854d1e7b28d510.js
etag
W/"5b8691421cc0bb3a3a38ab57befea6dd"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b904d93-FRA
webpack-24d93b2020f68661.js
www.dailyfaceoff.com/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/webpack-24d93b2020f68661.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466d845199969b74e099d521272075374d5cc1b1c28b94f3f6fa121ff0fe5926
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
591576
content-disposition
inline; filename="webpack-24d93b2020f68661.js"
x-vercel-id
gru1::89j6c-1696950962766-dea9f0582a30
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-24d93b2020f68661.js
etag
W/"7a30e1439279370eb412b82af15d0820"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b914d93-FRA
framework-dfb66ead2ff5a1a7.js
www.dailyfaceoff.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/framework-dfb66ead2ff5a1a7.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62315e238f1c1ec55dfce9202d2ecedd042d968075bc4646bcc3e20edd38c212
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1016982
content-disposition
inline; filename="framework-dfb66ead2ff5a1a7.js"
x-vercel-id
gru1::kfctj-1689897346460-9b700a293bc6
server
cloudflare
x-matched-path
/_next/static/chunks/framework-dfb66ead2ff5a1a7.js
etag
W/"c3a219d9803d78cece2512476740b0c9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b944d93-FRA
main-7533f0a615197612.js
www.dailyfaceoff.com/_next/static/chunks/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/main-7533f0a615197612.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e19f6dfb0cc5defd6d462aafce266c6f6bed63500aaa26225460ed08dd4ebf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
921899
content-disposition
inline; filename="main-7533f0a615197612.js"
x-vercel-id
syd1:syd1::kjpkb-1680015842791-5c417ba9a9c2
server
cloudflare
x-matched-path
/_next/static/chunks/main-7533f0a615197612.js
etag
W/"b96b02cfa8a307c5a4955c30bc478fc2"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b984d93-FRA
_app-88d8344fa26c758c.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/_app-88d8344fa26c758c.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2798c071674d90e75024e00a49cbfe65ec9d66399077a0f8cc4c5f76c7b11c3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1798616
content-disposition
inline; filename="_app-88d8344fa26c758c.js"
x-vercel-id
gru1::k7zx9-1695421867948-42196a3ffdaf
server
cloudflare
x-matched-path
/_next/static/chunks/pages/_app-88d8344fa26c758c.js
etag
W/"86527e17fd654e6e6c645326e00a7c3e"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b9a4d93-FRA
6930-28017ead59698f50.js
www.dailyfaceoff.com/_next/static/chunks/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6930-28017ead59698f50.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4fec1eb01cadd69cae4a07801c7b799fae9dd2183f3a508da4636cc73e0247
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
700442
content-disposition
inline; filename="6930-28017ead59698f50.js"
x-vercel-id
gru1::5ctk5-1689190329307-8e9493bebda6
server
cloudflare
x-matched-path
/_next/static/chunks/6930-28017ead59698f50.js
etag
W/"85665c7eb739c264a41762ddf2fa1219"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b9c4d93-FRA
9734-f5703dbf0a8e8472.js
www.dailyfaceoff.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/9734-f5703dbf0a8e8472.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7beb1d5568b1eb43005f615592c4cec893fee9c3253a6382a5fa7a415cf9bd79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1766204
content-disposition
inline; filename="9734-f5703dbf0a8e8472.js"
x-vercel-id
gru1::4ncnc-1695710437091-0fb86da53159
server
cloudflare
x-matched-path
/_next/static/chunks/9734-f5703dbf0a8e8472.js
etag
W/"806d243ff6531e39e69126088a06e15b"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b9d4d93-FRA
8865-373aeb9246be552e.js
www.dailyfaceoff.com/_next/static/chunks/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8865-373aeb9246be552e.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d142cc6e7d06b614202a20a57f7087ccd8c9d9a3831b7d2bf661baeb350177
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
927255
content-disposition
inline; filename="8865-373aeb9246be552e.js"
x-vercel-id
gru1::bmmmj-1695710859897-6e3a45ebec59
server
cloudflare
x-matched-path
/_next/static/chunks/8865-373aeb9246be552e.js
etag
W/"82b1beb6bb9e8b1869634effbfc22438"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0b9e4d93-FRA
802-c672229d3ef35634.js
www.dailyfaceoff.com/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/802-c672229d3ef35634.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33db68ab9d17ea9fa1a0c8e2291be98094f621f0c12a664384aa4182a5a3715e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1579292
content-disposition
inline; filename="802-c672229d3ef35634.js"
x-vercel-id
gru1::d48l5-1695962704371-a68e6ac6cc08
server
cloudflare
x-matched-path
/_next/static/chunks/802-c672229d3ef35634.js
etag
W/"96b19d200e940914847fbbb6cb27bf70"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f0ba04d93-FRA
837-d91ae1882e772479.js
www.dailyfaceoff.com/_next/static/chunks/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/837-d91ae1882e772479.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741108ae832e77a0bfb152fdd2923d055cf45f4332f60b32800c4fa609a90374
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
925214
content-disposition
inline; filename="837-d91ae1882e772479.js"
x-vercel-id
gru1::g49hc-1695962704355-6b110d81b9d1
server
cloudflare
x-matched-path
/_next/static/chunks/837-d91ae1882e772479.js
etag
W/"7adb9b689dd118078da5ed16ca1254a9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f1bac4d93-FRA
7798-71228dbc82df0d27.js
www.dailyfaceoff.com/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/7798-71228dbc82df0d27.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df1ad039c61ccd20de09cd596ade91f06ca382b502e39b31c2e983f3e20d183e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="7798-71228dbc82df0d27.js"
x-vercel-id
gru1::ccb2r-1695683989317-5d4bb25eaff5
server
cloudflare
x-matched-path
/_next/static/chunks/7798-71228dbc82df0d27.js
etag
W/"00af1d46972a138679ba35c3bef8c289"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f1bad4d93-FRA
index-fe53c655bf0aac0f.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/index-fe53c655bf0aac0f.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1400b94e62135a07b8794d3c7974d851cc2e914dc1d0fb93ba7f03c0b189e905
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
925296
content-disposition
inline; filename="index-fe53c655bf0aac0f.js"
x-vercel-id
gru1::sgxjq-1695710436997-81157ddac2ef
server
cloudflare
x-matched-path
/_next/static/chunks/pages/index-fe53c655bf0aac0f.js
etag
W/"392dca7f87cee6a6098d87ffafdc35f3"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f1baf4d93-FRA
_buildManifest.js
www.dailyfaceoff.com/_next/static/j5xM81yqRrU9N6vY1EaTq/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/j5xM81yqRrU9N6vY1EaTq/_buildManifest.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e47039b8cddb3aedea2ae08bf03bb34eeecc3fbc4f39eb0dc488d4cfc3d5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
566354
content-disposition
inline; filename="_buildManifest.js"
x-vercel-id
gru1::2t7m8-1696975530780-e4866763fa8c
server
cloudflare
x-matched-path
/_next/static/j5xM81yqRrU9N6vY1EaTq/_buildManifest.js
etag
W/"2aa081fc68eb41e70a6fa97471c3280e"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f1bb04d93-FRA
_ssgManifest.js
www.dailyfaceoff.com/_next/static/j5xM81yqRrU9N6vY1EaTq/ 		629 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/j5xM81yqRrU9N6vY1EaTq/_ssgManifest.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3ca049a956dcf79390d6ca118b1b631c705c905a987a1460e8175dc06f12b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
566354
content-disposition
inline; filename="_ssgManifest.js"
x-vercel-id
gru1::2tsm6-1696975530611-8492ed71dcab
server
cloudflare
x-matched-path
/_next/static/j5xM81yqRrU9N6vY1EaTq/_ssgManifest.js
etag
W/"b92509ac4146e4ed34a176cfccdd25b9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f1bb14d93-FRA
css2
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 11:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 11:06:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 11:36:13 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://www.dailyfaceoff.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
81783e1f394e92b3-FRA
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
372562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 04:06:52 GMT
standard.905db491.svg
www.dailyfaceoff.com/_next/static/media/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/static/media/standard.905db491.svg
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42e18ef245c24dc9fddc4634bb45e82da91636a80aeafee95cb13d9b739117c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
2175905
content-disposition
inline; filename="standard.905db491.svg"
x-vercel-id
syd1:syd1::26zb6-1678417049333-6e6b3a49bf1a
server
cloudflare
x-matched-path
/_next/static/media/standard.905db491.svg
etag
W/"55f956c9d3b074f5688a54ff43de5191"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e1f9c694d93-FRA
image
www.dailyfaceoff.com/_next/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FUSATSI_21628133_168383996_lowres-scaled.jpg&w=256&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feed3edd0af9716cd74e04fa4c671206f08e75426a72e1e059e2c2216734d341
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
64549
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="USATSI_21628133_168383996_lowres-scaled.webp"
content-length
13512
last-modified
Mon, 16 Oct 2023 13:39:14 GMT
x-vercel-id
gru1::25pd5-1697463553567-3c76070072f1
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c734d93-FRA
image
www.dailyfaceoff.com/_next/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F09%2FSE5_5343-scaled.jpg&w=256&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78520a28519d3275636f6f8a18691b5aa43494ad5b09744f5c3fa8243f9953bb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
68117
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="SE5_5343-scaled.webp"
content-length
10300
last-modified
Mon, 16 Oct 2023 16:34:20 GMT
x-vercel-id
gru1::vr868-1697474059756-71bf00ed7dc6
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c774d93-FRA
image
www.dailyfaceoff.com/_next/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F04%2FUSATSI_20394745-1.jpg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddaacef0675630a2a572342e0128600deea69299f16e92e739bacea5593194b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
51490
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="USATSI_20394745-1.webp"
content-length
53082
last-modified
Mon, 16 Oct 2023 21:01:22 GMT
x-vercel-id
gru1::sfkzr-1697490081872-b2bfa2f8204f
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c784d93-FRA
image
www.dailyfaceoff.com/_next/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FDFSChartsOct.16.png&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1669ee40d0da888d7aab85b9f2fac80be7d241265466d620fe7564b348d2ae0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
51438
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="DFSChartsOct.webp"
content-length
30918
last-modified
Mon, 16 Oct 2023 19:51:09 GMT
x-vercel-id
gru1::2ffkr-1697485868885-9a98a4466b11
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c794d93-FRA
image
www.dailyfaceoff.com/_next/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FRaymond-LucasDET-2024.png&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbad2c0067696b079a48e1b1bcb35be3c991444fb5d6a1c4445e99ad1cb8a4a
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
68117
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="Raymond-LucasDET-2024.webp"
content-length
45090
last-modified
Mon, 16 Oct 2023 13:10:44 GMT
x-vercel-id
gru1::5z9c6-1697461844539-b9a374bd322d
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c7a4d93-FRA
image
www.dailyfaceoff.com/_next/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2FB190CDD5-00E3-42F0-946B-37C00D3ED110.jpeg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fa44b4fac257e3cbf91dbe1cc1b00fdb910253400cd4a6c76aa2adbf02f79
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
64760
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="B190CDD5-00E3-42F0-946B-37C00D3ED110.webp"
content-length
26952
last-modified
Mon, 16 Oct 2023 17:30:21 GMT
x-vercel-id
gru1::7znqx-1697477421180-64b1e7184218
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c7b4d93-FRA
image
www.dailyfaceoff.com/_next/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2F78E120DB-D916-4D99-8244-83011789F569.jpeg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb6870c55ff897a92daa68203aec68eb2495eb2e4abf7c455c10f09106d6469
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
324463
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="78E120DB-D916-4D99-8244-83011789F569.webp"
content-length
26650
last-modified
Fri, 13 Oct 2023 17:04:22 GMT
x-vercel-id
gru1::bbslx-1697216661645-ebdd13ccc469
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c7d4d93-FRA
image
www.dailyfaceoff.com/_next/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=https%3A%2F%2Fpublish.dailyfaceoff.com%2Fwp-content%2Fuploads%2F2023%2F10%2F0083EB2A-0556-46BD-879F-68DBE75EB318.jpeg&w=640&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7e08a3e0f9a406c85837097484004fdee5d52ab6020bfbc1053e6c91f32972
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
403895
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="0083EB2A-0556-46BD-879F-68DBE75EB318.webp"
content-length
24158
last-modified
Thu, 12 Oct 2023 17:55:57 GMT
x-vercel-id
gru1::gqt92-1697133357194-9da2f609f4e4
server
cloudflare
x-vercel-cache
MISS
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81783e1f9c7e4d93-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fboston-bruins.88e539fd.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afbf2f12b4f81e325d436613f0994b0a25ce4dea459fd2a5fd20ca5d5b93d7fc
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777977
content-disposition
inline; filename="boston-bruins.webp"
content-length
6842
last-modified
Tue, 13 Jun 2023 17:40:49 GMT
x-vercel-id
gru1::b22vc-1686742758358-4c465d8dbdb9
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c7f4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fbuffalo-sabres.ba67a2d8.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2f13a01b414123afd25f281e7f06ae7e99e9bc3774f74b8cd8b8a9695f61fc
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
837848
content-disposition
inline; filename="buffalo-sabres.webp"
content-length
6362
last-modified
Sat, 17 Jun 2023 08:23:31 GMT
x-vercel-id
gru1::jvtmn-1687495162048-f431e8156d7f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c814d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdetroit-red-wings.113890ed.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7906dd8ee5297a81dfb6958ea188e72b1c889b2a162f67077476e2b3dcd43a24
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="detroit-red-wings.webp"
content-length
6276
last-modified
Wed, 19 Jul 2023 15:39:39 GMT
x-vercel-id
gru1::bklxk-1692215826276-ee9dff692087
server
cloudflare
x-matched-path
/_next/static/media/detroit-red-wings.113890ed.png
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c844d93-FRA
image
www.dailyfaceoff.com/_next/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fflorida-panthers.67f4950b.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730635c7846c0ad533e40a0449756fd7da38996fca403e31e632af513ce45d10
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="florida-panthers.webp"
content-length
7910
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::xhts8-1686742758368-05d094e0f310
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c864d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmontreal-canadiens.ca64a529.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e415ce18d1c20134aa56944a491f4e954ebf91b77656ebef2433e52cf481265
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
873858
content-disposition
inline; filename="montreal-canadiens.webp"
content-length
6020
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::xhts8-1686742758651-1c7bb9156ffd
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c874d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fottawa-senators.df9fa045.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d267b27ee5f06ff7c3409835a916da8cbfff5f4d0fd4f575d1420c855ff6fe5
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1790920
content-disposition
inline; filename="ottawa-senators.webp"
content-length
5886
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::b22vc-1686740024883-d498a00b98ff
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c8a4d93-FRA
image
www.dailyfaceoff.com/_next/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftampa-bay-lightning.c651a731.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef6e3d20bdf9828968f99d6cadd764d147cf494947cbfdafdbb611760cb5d5a9
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
873858
content-disposition
inline; filename="tampa-bay-lightning.webp"
content-length
8614
last-modified
Thu, 08 Jun 2023 20:10:04 GMT
x-vercel-id
gru1::79pv5-1686742758550-14e69c4c77e7
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c8b4d93-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftoronto-maple-leafs.8688d30a.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e00fc9cfa7db225365e542d39be275242939d77efb176591250bb555692913
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1744616
content-disposition
inline; filename="toronto-maple-leafs.webp"
content-length
7312
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::vqtvn-1686744774496-db56e81e70a4
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c8c4d93-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Farizona-coyotes.a0dc02ee.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555cddad04eaa840f02fcafa1c68d3ce5abee677493b8ceda0a19647a6fa8d97
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
837848
content-disposition
inline; filename="arizona-coyotes.webp"
content-length
7038
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::bcvsp-1686740024758-63e189a9ea1a
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c8e4d93-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fchicago-blackhawks.ee37f442.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d24e19854f8b2802d7d9c4a93b08ce89ebd2b544bade662b5dd59573969ecc9
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="chicago-blackhawks.webp"
content-length
6664
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::xhts8-1686739443323-200c70bf4ed7
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c8f4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcolorado-avalanche.b7138c02.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb383daf5ac5f98ee1e961fe37ddf9f91e931bb1d0ab0bb07eb0b821e5ff8e11
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1790921
content-disposition
inline; filename="colorado-avalanche.webp"
content-length
6298
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::c9vwm-1686742758387-54a18817cddc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1f9c904d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdallas-stars.d5ec2749.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a22a3757060d4ec2f043ad5697391c3b189408f55395c733db8ddeeef5183e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
837848
content-disposition
inline; filename="dallas-stars.webp"
content-length
5624
last-modified
Tue, 16 May 2023 18:57:17 GMT
x-vercel-id
gru1::mrvms-1686739948521-62f36d22f9da
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1fac9f4d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fminnesota-wild.72839331.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a464f656557d4f3533034f21ce23ce2fd1abfb82a2e43a7e4c7ee51e3fdca57
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
837848
content-disposition
inline; filename="minnesota-wild.webp"
content-length
5366
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::mrvms-1686742758665-11b727928740
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca04d93-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnashville-predators.76750da4.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a64265352b73d13aa9ad12d5e2a303bb4116082641468d8b2cbdf58acac90a1
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
925298
content-disposition
inline; filename="nashville-predators.webp"
content-length
6872
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::9p6dj-1686740668718-0f6e893a18fc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca24d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fst-louis-blues.9809041a.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e381e6206bcf05d9361a7a607f8746a696929868662a1189df33e5fae31fbbdb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1803119
content-disposition
inline; filename="st-louis-blues.webp"
content-length
5798
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::jtzvq-1686740024891-9c882c70e016
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca34d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwinnipeg-jets.61d1cf52.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f537db4fba13bebc3c7f8d1752311425cea8937a370c0ce854287c1ede9a578
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="winnipeg-jets.webp"
content-length
5938
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::4kcl8-1686740025541-94dfe335c32d
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca44d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcarolina-hurricanes.b2eafb35.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7ee2a418043698daf720cd177a4f0b5172484a05fc604cc0294b099ed0c647
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1790921
content-disposition
inline; filename="carolina-hurricanes.webp"
content-length
5442
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::ltv4x-1686739443311-83d699e28afb
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca64d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcolumbus-blue-jackets.6342c43e.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79795edd32df5096ab7052f4d9c66d0fd6a5a515ca405792f56d0e334e71734
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777977
content-disposition
inline; filename="columbus-blue-jackets.webp"
content-length
6574
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::4kcl8-1686742758380-2aa142e97c23
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca74d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-jersey-devils.efa88323.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224dec49965a4bc596215b09bff280e01af7361134187ccbcb09673de47a9715
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
925298
content-disposition
inline; filename="new-jersey-devils.webp"
content-length
6478
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::lzqjz-1686740668615-4158e9208efc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1faca84d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-york-islanders.e5861a8d.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5061a5007eb8d4180f555ba0848d0fe3f87928aec22825c7b76ee82f65fd4ffb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="new-york-islanders.webp"
content-length
6268
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::tdnl4-1686742758543-eead1de7c053
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facaa4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fnew-york-rangers.3ba5ca3f.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f940210c298504bd1016fea7fd79bbbd24f404c0008c5f84b93ab2ff7e56cb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1790921
content-disposition
inline; filename="new-york-rangers.webp"
content-length
6020
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::4kcl8-1686742758652-00d8850ca62f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facac4d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fphiladelphia-flyers.b02d81e7.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b2caa8dc8f84c85efa039743ebbc7331fa840f544671544345c601ae88c277
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="philadelphia-flyers.webp"
content-length
5312
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::79pv5-1686746290600-1960395618f4
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facad4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fpittsburgh-penguins.e5b4fa3e.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81213e01b51d8d11f09d46a132fd11f9c8c1028e5d3d711254c4c05754623a7
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="pittsburgh-penguins.webp"
content-length
6420
last-modified
Mon, 15 May 2023 09:55:39 GMT
x-vercel-id
gru1::z5mst-1686740025345-21e6a4f0e176
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facaf4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwashington-capitals.832b005a.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65dc10bdae421dcbb55ba2750df1d03f818100312c66e891cd89d8401033a795
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1766199
content-disposition
inline; filename="washington-capitals.webp"
content-length
5994
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::lw9hf-1686744775147-4a3eef865e9e
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facb34d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fanaheim-ducks.d68079e8.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98f395bb8929b75791c82b3ef51416bdee0a0b4ef9f7f1fa06793cd5ce77316
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1803119
content-disposition
inline; filename="anaheim-ducks.webp"
content-length
5718
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::qlkj8-1686788333316-d04c5a3b23dc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facb54d93-FRA
image
www.dailyfaceoff.com/_next/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcalgary-flames.f2f92abb.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1818e9f455a694eff3539467735274a6be6d4355a6e47a6545e46d984df0187
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
837848
content-disposition
inline; filename="calgary-flames.webp"
content-length
6712
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::xhts8-1686740668630-aa2ccb97e2ce
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facb74d93-FRA
image
www.dailyfaceoff.com/_next/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fedmonton-oilers.633226bf.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b36491a598a385ee55fad7149712befe6be8f47eb58be511e560ee0bb2e3635
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
924551
content-disposition
inline; filename="edmonton-oilers.webp"
content-length
8256
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::9vmq9-1686788333507-69a5b93c226f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facb94d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flos-angeles-kings.594c8b28.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a92be1a9cd1d6b36e5e9a8405ba52e0048926a2c29b785a1719a7a4f0c04bea
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
873859
content-disposition
inline; filename="los-angeles-kings.webp"
content-length
4812
last-modified
Sat, 17 Jun 2023 08:23:31 GMT
x-vercel-id
gru1::65frl-1687953204024-820d9afde48f
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facbb4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fsan-jose-sharks.fd532d67.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44555bbe54bd61ebd3bcd2046a94e52fdd95e054ecb24f93c758fb9a7387f531
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
3777978
content-disposition
inline; filename="san-jose-sharks.webp"
content-length
6466
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::qr8np-1686740025403-80da256981e6
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facbc4d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fseattle-kraken.9d4491a7.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd10b6dff01533ad0ad1a6d06296c246270001ed05b326d2d377ec219442f54
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="seattle-kraken.webp"
content-length
5610
last-modified
Mon, 15 May 2023 09:55:39 GMT
x-vercel-id
gru1::qr8np-1686740025535-8c76b81282ce
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facbe4d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fvancouver-canucks.e4b10e26.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8976123caac495c52812f1d4050252839ac64075cf0c6a5debd6b69a1cad00
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
2842445
content-disposition
inline; filename="vancouver-canucks.webp"
content-length
6618
last-modified
Tue, 16 May 2023 18:57:15 GMT
x-vercel-id
gru1::vqtvn-1686741321748-a0fd8f12e484
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facbf4d93-FRA
image
www.dailyfaceoff.com/_next/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fvegas-golden-knights.0e0640fa.png&w=96&q=20
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c5ff159e7d983540e9065f29ec868fa182eb199438e25bbf52a4d093682683
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="vegas-golden-knights.webp"
content-length
5012
last-modified
Tue, 16 May 2023 18:57:16 GMT
x-vercel-id
gru1::wvpjr-1686740025510-e15186d4b4a7
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facc24d93-FRA
image
www.dailyfaceoff.com/_next/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyfaceoff.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fplaymaker-logo.45e179eb.webp&w=256&q=75
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c36b426ba3041eaf0bbf7c9230e8feaf7c3e6a9b8a5c3e95b47780332ce87ee4
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
1737047
content-disposition
inline; filename="playmaker-logo.webp"
content-length
6166
last-modified
Mon, 15 May 2023 07:56:03 GMT
x-vercel-id
gru1::t8ktk-1686742655233-3533ae7ba2bc
server
cloudflare
x-matched-path
/_next/image
x-vercel-cache
HIT
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81783e1facc34d93-FRA
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 17 Oct 2023 11:36:14 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid-load.js
dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/prebid-load.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3e00:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
525b7c567855bd59da6838cb6ebb39962ac46c7b38172bfa7ec3309e40fe106c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
b0NqeMgKBVwk12XZjEDZORrXtPGmqHon
content-encoding
br
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 11:07:38 GMT
x-amz-cf-pop
FRA60-P4
age
1756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 16 Oct 2023 20:15:57 GMT
server
AmazonS3
etag
W/"55519e4f8e4a279f29a049620b0883cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
M8DQQpFjUNyyvPp_xAf7pCpr6qEdg19tvZstye0uA8VPkvgrqptNUA==
count.js
dailyfaceoff.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyfaceoff.disqus.com/count.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
38
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 16 Oct 2023 16:29:02 GMT
Server
nginx
ETag
"652d64ce-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
1V-joMqbnqchTwruFinXJABhJPbfVeicgB-vBnvYB2Yz1_tnYitXBg==
gtm.js
www.googletagmanager.com/ 		205 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TB47RXZ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f34ecac3d386fee012a25f1d2c000d71bf6ad9e89cdc14175c8a435eaa10804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74676
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 11:36:14 GMT
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=113678&cbuster=1697542574126
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
881b56c4a6e206151eddb589e69380ac3253d23c469eb64bfddf396056812c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
RMlD0w28S6pfW0_wbq14c4OzHZAQtNX49yKYgbu2y2OPTl2pao-lJQ==
montreal-canadiens-kirby-dach-out-with-significant-injury-wont-be-short-term.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/montreal-canadiens-kirby-dach-out-with-significant-injury-wont-be-short-term.json?slug=montreal-canadiens-kirby-dach-out-with-significant-injury-wont-be-short-term
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e7b3f06c43bee8771ece00a9916e05a13c3e5e47052559f99c23f5eacf5a27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::dp2vt-1697471880689-37071f2d8d62
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"15shh4gix563cc"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e213f164d93-FRA
9534-e86df2f088a2406b.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/9534-e86df2f088a2406b.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
692705
content-disposition
inline; filename="9534-e86df2f088a2406b.js"
x-vercel-id
gru1::l97bx-1690499737111-3b8567c4f810
server
cloudflare
x-matched-path
/_next/static/chunks/9534-e86df2f088a2406b.js
etag
W/"0f8e4a4e7b71506d0051bc9abe971e8c"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f1c4d93-FRA
6595-70557aa686731784.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6595-70557aa686731784.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
7605063
content-disposition
inline; filename="6595-70557aa686731784.js"
x-vercel-id
syd1::kp27r-1685548655789-b207273447cf
server
cloudflare
x-matched-path
/_next/static/chunks/6595-70557aa686731784.js
etag
W/"5fc5cd10efe07b51e346a1c38c288514"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f1d4d93-FRA
5935-8b37af2f9a4374c6.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5935-8b37af2f9a4374c6.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924551
content-disposition
inline; filename="5935-8b37af2f9a4374c6.js"
x-vercel-id
gru1::mccrn-1693926697626-dab34bc62cca
server
cloudflare
x-matched-path
/_next/static/chunks/5935-8b37af2f9a4374c6.js
etag
W/"e24d4d770e265a080b7e45dbd2013b50"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f1e4d93-FRA
8852-cb6876ee41f3648f.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8852-cb6876ee41f3648f.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1766204
content-disposition
inline; filename="8852-cb6876ee41f3648f.js"
x-vercel-id
gru1::84dnv-1695328828290-9d1c7014537e
server
cloudflare
x-matched-path
/_next/static/chunks/8852-cb6876ee41f3648f.js
etag
W/"c4377bd48371f549a140c5f309b2f4f4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f1f4d93-FRA
6932-fb9f10300a0440b6.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6932-fb9f10300a0440b6.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
591577
content-disposition
inline; filename="6932-fb9f10300a0440b6.js"
x-vercel-id
gru1::qm4jl-1696950962789-0f6956ede05a
server
cloudflare
x-matched-path
/_next/static/chunks/6932-fb9f10300a0440b6.js
etag
W/"6e1c14d49c1a4dc5791dafaeeb5a5063"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f214d93-FRA
8715-829ce80c7175ab12.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8715-829ce80c7175ab12.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
590771
content-disposition
inline; filename="8715-829ce80c7175ab12.js"
x-vercel-id
gru1::jbv7f-1696951283321-37543f13ea78
server
cloudflare
x-matched-path
/_next/static/chunks/8715-829ce80c7175ab12.js
etag
W/"57ea8f61f10a35f06f60914dd52829c0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f234d93-FRA
%5Bslug%5D-ab23c5c8074ca39e.js
www.dailyfaceoff.com/_next/static/chunks/pages/news/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
591577
content-disposition
inline; filename="[slug]-ab23c5c8074ca39e.js"
x-vercel-id
gru1::jbhp5-1696950964263-f3dc53677876
server
cloudflare
x-matched-path
/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
etag
W/"03e31903743ef15b7ffa27f8b945b4e4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e213f244d93-FRA
stevenellis.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/stevenellis.json?slug=stevenellis
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce0f3ea2549c3f5d9f5ea09b35657dea6f262bc6ea24baef5519f1acaf2ea6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::jjtxf-1697518201405-1982a50ff866
server
cloudflare
age
1446
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/stevenellis.json
etag
W/"b1mnmdekf44is"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e213f1a4d93-FRA
%5Bslug%5D-2635201f122569af.js
www.dailyfaceoff.com/_next/static/chunks/pages/authors/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/authors/%5Bslug%5D-2635201f122569af.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1760499
content-disposition
inline; filename="[slug]-2635201f122569af.js"
x-vercel-id
gru1::8vlgv-1695683991885-99ac604788cb
server
cloudflare
x-matched-path
/_next/static/chunks/pages/authors/%5Bslug%5D-2635201f122569af.js
etag
W/"c3bbf595593e835fbea4009da776470f"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e214f3b4d93-FRA
nhl-power-rankings-colorado-avalanche-kick-off-2023-24-season-back-on-top.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		30 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/nhl-power-rankings-colorado-avalanche-kick-off-2023-24-season-back-on-top.json?slug=nhl-power-rankings-colorado-avalanche-kick-off-2023-24-season-back-on-top
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e532a00b8ca7c74c61bc5421accdca16a7dcfe1c3ceddcfe3c17a812294838a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::glpq2-1697477839432-06a72c6c50eb
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"76ad2vdhq9njm"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f314d93-FRA
scott-maxwell.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/scott-maxwell.json?slug=scott-maxwell
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b632e839f13c4fb455359a24dce85719d52da462c88dbb9ee56bdbb31efd9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::chb95-1697530681585-408a90c85bbf
server
cloudflare
age
1445
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/scott-maxwell.json
etag
W/"94ev9qwh794pf"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e214f344d93-FRA
nhl-prospect-roundup-joshua-roy-nick-robertson-among-early-ahl-standouts.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		12 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/nhl-prospect-roundup-joshua-roy-nick-robertson-among-early-ahl-standouts.json?slug=nhl-prospect-roundup-joshua-roy-nick-robertson-among-early-ahl-standouts
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c630caff56d105a020a7b4e6db6086f71075cf7fc742b887b7c0779756cebdc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::fw6nj-1697473902777-8e10263eb3c8
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"d45fb2loar9qz"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f354d93-FRA
philadelphia-flyers-unveil-new-arena-upgrades-costing-400-million.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/philadelphia-flyers-unveil-new-arena-upgrades-costing-400-million.json?slug=philadelphia-flyers-unveil-new-arena-upgrades-costing-400-million
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6152eacf337b3719c395520483b472e1743854b60959bd4dc7e553119ac01cf0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::qkr97-1697501144063-4b2ad128df8c
server
cloudflare
age
375
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"15oi1hq4223366"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f364d93-FRA
fantasy-hockey-daily-goalie-rankings-10-16-23.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/fantasy-hockey-daily-goalie-rankings-10-16-23.json?slug=fantasy-hockey-daily-goalie-rankings-10-16-23
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7d230068b72f4b3d826c80852a7648a60f330c265d8f70ed8708297b462c68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::w6kpd-1697490081644-8bde6b273d6a
server
cloudflare
age
374
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"iqhpw1x1hk4ly"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f374d93-FRA
goaltending-already-looks-like-a-problem-for-the-los-angeles-kings.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/goaltending-already-looks-like-a-problem-for-the-los-angeles-kings.json?slug=goaltending-already-looks-like-a-problem-for-the-los-angeles-kings
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307eeda9a7e419a9b3054ce11057144870d3632c6fe13fd4d52a004e1131a7fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::2ffkr-1697486596314-4d88403d3c75
server
cloudflare
age
374
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"f7i2whhnbb51u"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f384d93-FRA
dfo-dfs-charts-10-16-23.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		17 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/dfo-dfs-charts-10-16-23.json?slug=dfo-dfs-charts-10-16-23
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c934569af57e28a7e09b227cc06b07b95257e24af2c663964653f7e001fcf25
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::glpq2-1697485867495-e5ac83613078
server
cloudflare
age
374
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"r5ty2uxictd7l"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f394d93-FRA
seattle-kraken-forward-brandon-tanev-out-4-6-weeks-with-lower-body-injury.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/seattle-kraken-forward-brandon-tanev-out-4-6-weeks-with-lower-body-injury.json?slug=seattle-kraken-forward-brandon-tanev-out-4-6-weeks-with-lower-body-injury
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aaf040803a2d99ea8aab88d7a828d77c95686ccf1e86a199293a10422cb1bc5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::55mch-1697483519382-6f32ca495803
server
cloudflare
age
368
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"sl85bwyi162pz"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f3a4d93-FRA
washington-capitals-make-anthony-mantha-healthy-scratch-for-mondays-game.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/washington-capitals-make-anthony-mantha-healthy-scratch-for-mondays-game.json?slug=washington-capitals-make-anthony-mantha-healthy-scratch-for-mondays-game
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073701902be00d56504d8e2bc7fe2a53db57b3b6e9db98fad32a8e1be6520bc9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::rtmv8-1697479614519-30135eb135b0
server
cloudflare
age
325
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"12507hw9o6n2x0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f3c4d93-FRA
can-auston-matthews-score-70-goals-in-2023-24.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/can-auston-matthews-score-70-goals-in-2023-24.json?slug=can-auston-matthews-score-70-goals-in-2023-24
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9c56a7c59d79218224dc8185844cab70ff499bd5fb65c70318d7d9196f15e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::bplhf-1697479614527-e04b993b030e
server
cloudflare
age
325
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"bq6fwx1vz83g6"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f3d4d93-FRA
minnesota-wilds-matt-boldy-week-to-week-with-upper-body-injury.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/minnesota-wilds-matt-boldy-week-to-week-with-upper-body-injury.json?slug=minnesota-wilds-matt-boldy-week-to-week-with-upper-body-injury
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fcc4bdd661e1fae559c19f8991ce9d0de7d1bbab44e23889b9363dc9a142fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::rtmv8-1697477788186-e6a4bb5918c5
server
cloudflare
age
325
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"1763m871zpd2v4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f3e4d93-FRA
nick-szeman.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/nick-szeman.json?slug=nick-szeman
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e980a4a328f2f70b23081d7370b55481f143d8926def3ceb63a813b2f0a9c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::btxmd-1697516385971-a9d5f8f2a226
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/nick-szeman.json
etag
W/"c833zhwk1n5nv"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e214f3f4d93-FRA
fantasy-hockey.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/ 		8 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/fantasy-hockey.json?slug=fantasy-hockey
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55745c7aa2981111153462b6995fdb9f12bfe54ae2618ad268ce33a15b2ab09a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::chb95-1697490352984-2015a1b49528
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/fantasy-hockey.json
etag
W/"e94nzba6pu6ba"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81783e214f404d93-FRA
%5Bslug%5D-4f9a06131d4354e0.js
www.dailyfaceoff.com/_next/static/chunks/pages/categories/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="[slug]-4f9a06131d4354e0.js"
x-vercel-id
gru1::sgxjq-1695710442719-48996a25e66b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
etag
W/"740547ad66f265974028a58ecf8e219f"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e214f4d4d93-FRA
brock-seguin.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/brock-seguin.json?slug=brock-seguin
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f4b15f78e1cac8e73368f2db1553ef4f7400f7783af07e5628bedbe1f29fc9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::xpv7d-1697510255457-275d30371285
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/brock-seguin.json
etag
W/"13f2eban4sj5us"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e214f424d93-FRA
fantasy-hockey-weekly-strength-of-schedule-and-streaming-targets-week-2-2024.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/fantasy-hockey-weekly-strength-of-schedule-and-streaming-targets-week-2-2024.json?slug=fantasy-hockey-weekly-strength-of-schedule-and-streaming-targets-week-2-2024
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39904366a6496fa8d4cbbe0940e1fcacc9be5c2dda2babc7dbc9a1010de098b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::2m65w-1697461950970-4a108dd2c72d
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"56mdeu2rsi7we"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f444d93-FRA
betano-daily-bets-tyler-bertuzzi-shot-prop-maple-leafs-over-flames-moneyline.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/betano-daily-bets-tyler-bertuzzi-shot-prop-maple-leafs-over-flames-moneyline.json?slug=betano-daily-bets-tyler-bertuzzi-shot-prop-maple-leafs-over-flames-moneyline
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a944169c62a5c7b75cf16e06f2900e2d293def06ddf1d5be733a2a0de237c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::2ffkr-1697477421612-1a8d7d55c4fa
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"16mv8kvko1133h"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f454d93-FRA
coltondavies.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/coltondavies.json?slug=coltondavies
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5c3e2b9daa06267ea3b1b09e4c22e8218e4707d035dce967318e4805031b64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::d4dft-1697524428873-98654c7f1359
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/authors/coltondavies.json
etag
W/"z01itr96424oi"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e214f464d93-FRA
betting.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/betting.json?slug=betting
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0010a8fbbf83764aa1a05b3c986907fa53380147d3f47ff4af44c2d159a008
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::4cpzs-1697477572497-abf2d088116a
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/betting.json
etag
W/"14lwyc66her6n1"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81783e214f474d93-FRA
betano-daily-bets-coyotes-moneyline-jake-guentzel-timo-meier-shot-prop-parlay.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/betano-daily-bets-coyotes-moneyline-jake-guentzel-timo-meier-shot-prop-parlay.json?slug=betano-daily-bets-coyotes-moneyline-jake-guentzel-timo-meier-shot-prop-parlay
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4e4a82c770ac4268cf9b26c4310d5e0d99ff06d4f8c184fc9c5b07cadefc85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::g7ltn-1697216661601-dbcbce87d91c
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"ij0vjmbimd31h"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f4b4d93-FRA
betano-daily-bets-blue-jackets-moneyline-jack-hughes-goal.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/betano-daily-bets-blue-jackets-moneyline-jack-hughes-goal.json?slug=betano-daily-bets-blue-jackets-moneyline-jack-hughes-goal
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0430891bac57eeb358f0ff0a82f1921dec3cc02d5268cb434f624921e5090d59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::h656p-1697133357252-d5d2d1a0f732
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"h7z3vaz2kn34l"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e214f4c4d93-FRA
index.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/index.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978c046fdb87c2a9cb41d0a40c3bea535d73825e9a0ddc6cc9058bd29bcf00d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::qkr97-1697501134888-0ed637c5ddaa
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/index.json
etag
W/"qxyxvlzkt5p9"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=120, must-revalidate
cf-ray
81783e215f634d93-FRA
fantasy-hockey.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/fantasy-hockey.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55745c7aa2981111153462b6995fdb9f12bfe54ae2618ad268ce33a15b2ab09a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::7znqx-1697490349583-4fa1a221b79e
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/fantasy-hockey.json
etag
W/"e94nzba6pu6ba"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81783e215f664d93-FRA
betting.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/betting.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0010a8fbbf83764aa1a05b3c986907fa53380147d3f47ff4af44c2d159a008
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
REVALIDATED
x-vercel-id
gru1::cle1::ndx9j-1697477464430-643bca054e63
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/betting.json
etag
W/"14lwyc66her6n1"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81783e215f674d93-FRA
shows.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/shows.json?slug=shows
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a6aa5981ed49d7d6e0dcd2db03cd401f49a1aa354c2eaae2d91b5950d3438b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::chb95-1697496531388-b1f3d0d089e5
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/categories/shows.json
etag
W/"fumj8s60xq5yf"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=300, must-revalidate
cf-ray
81783e216f6d4d93-FRA
nhl-weekly-schedule.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/ 		92 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/nhl-weekly-schedule.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75eabd9a472df95f9aa3d2f91175acb2d70259b839615b1c16b0c2c5b53de7d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::6nblw-1697494332971-044952516687
server
cloudflare
age
5032
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/nhl-weekly-schedule.json
etag
W/"s26w9jrgjx20wm"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=14400, must-revalidate
cf-ray
81783e216f714d93-FRA
374-afa99051b8f32278.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/374-afa99051b8f32278.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="374-afa99051b8f32278.js"
x-vercel-id
gru1::g6fcp-1686746230966-2f31326fcbca
server
cloudflare
x-matched-path
/_next/static/chunks/374-afa99051b8f32278.js
etag
W/"79f85b1db20e67f4343d8a6733d99904"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f744d93-FRA
4151-9e344b2b9cae2770.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/4151-9e344b2b9cae2770.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
630693
content-disposition
inline; filename="4151-9e344b2b9cae2770.js"
x-vercel-id
gru1::mkj9x-1694128394807-0162f6d5ee8e
server
cloudflare
x-matched-path
/_next/static/chunks/4151-9e344b2b9cae2770.js
etag
W/"f3199da89ac97ea9259d3a8d2ac83f8e"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f754d93-FRA
nhl-weekly-schedule-bac0295831efb757.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		0
483 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1803118
content-disposition
inline; filename="nhl-weekly-schedule-bac0295831efb757.js"
x-vercel-id
gru1::v4qqq-1686742631797-4df456b677c8
server
cloudflare
x-matched-path
/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
etag
W/"59330b45e2f3cbcfa841df73b8ee8cbd"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f764d93-FRA
hockey-player-news.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/ 		29 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/hockey-player-news.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6253f92c86b1532015f74b1158231aabab206d83d97ca3f4dfdfa285190e7747
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::vxx8l-1697517337560-51000a19a6b9
server
cloudflare
age
1439
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/hockey-player-news/[[...params]].json
etag
W/"17he9q7iwxlna0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e216f734d93-FRA
5761-ac0d245560f2ff39.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5761-ac0d245560f2ff39.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924550
content-disposition
inline; filename="5761-ac0d245560f2ff39.js"
x-vercel-id
gru1::rj8qc-1692204383543-ba30d33970da
server
cloudflare
x-matched-path
/_next/static/chunks/5761-ac0d245560f2ff39.js
etag
W/"83c50bee50173b8347bcbab533cae47a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f8b4d93-FRA
%5B%5B...params%5D%5D-795bc57b69ba0e69.js
www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
3737216
content-disposition
inline; filename="[[...params]]-795bc57b69ba0e69.js"
x-vercel-id
syd1:syd1::gc8nt-1683565450942-0c6f25c4e39b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
etag
W/"af9da9f039217d60eaf6f803c8c41149"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f8d4d93-FRA
starting-goalies.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/ 		29 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/starting-goalies.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8b3a8b79def8a156c9742d7067fa30d330e272532de61dbdd9368963cd671c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::p6dhh-1697542310182-feeebc96d1e6
server
cloudflare
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/starting-goalies/[[...date]].json
etag
W/"k0d03p6td0mx3"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=120, must-revalidate
cf-ray
81783e216f874d93-FRA
878-2455321700c408f9.js
www.dailyfaceoff.com/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/878-2455321700c408f9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1801753
content-disposition
inline; filename="878-2455321700c408f9.js"
x-vercel-id
gru1::ck8tk-1695683989238-0ec26c7549ec
server
cloudflare
x-matched-path
/_next/static/chunks/878-2455321700c408f9.js
etag
W/"5b098f564887aced852856f218635be0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f8e4d93-FRA
%5B%5B...date%5D%5D-a74aa9694d5b8077.js
www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
566353
content-disposition
inline; filename="[[...date]]-a74aa9694d5b8077.js"
x-vercel-id
gru1::vj9dp-1696975531369-acddbf8e89c1
server
cloudflare
x-matched-path
/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
etag
W/"e5f481a3ed6a71a71004c4bd6062fc75"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f904d93-FRA
teams-39d84c01efe361c5.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/teams-39d84c01efe361c5.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
6189507
content-disposition
inline; filename="teams-39d84c01efe361c5.js"
x-vercel-id
gru1::6h5hx-1691351101531-a2b9c4bdfb5e
server
cloudflare
x-matched-path
/_next/static/chunks/pages/teams-39d84c01efe361c5.js
etag
W/"d17e5b4e50ef3573be47d9477cc64ac2"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f914d93-FRA
2024-fantasy-hockey-draft-kit.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/news/2024-fantasy-hockey-draft-kit.json?slug=2024-fantasy-hockey-draft-kit
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374ec0bc6ed4dbe80d5b50ab1df72969a871ee0bf6213c7f6e378144b8702ce3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
x-nextjs-matched-path
/news/[slug]
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
gru1::cle1::7z5qf-1696975532104-5bb50e982053
server
cloudflare
age
375
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/news/[slug].json
etag
W/"10r13vo2d5b9if"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=1200, must-revalidate
cf-ray
81783e216f894d93-FRA
projections.json
www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/data/j5xM81yqRrU9N6vY1EaTq/projections.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856b8e5613167bc024c5fd800987c0cd296c9244a1f5eb6e58fe07023c02aca2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
x-vercel-id
gru1::cle1::v2gst-1696982745741-d78db3068a97
server
cloudflare
age
375
x-matched-path
/_next/data/j5xM81yqRrU9N6vY1EaTq/projections.json
etag
W/"12i01taal322tv"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=3600, must-revalidate
cf-ray
81783e216f8a4d93-FRA
projections-55fc3d09697af711.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/projections-55fc3d09697af711.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
590075
content-disposition
inline; filename="projections-55fc3d09697af711.js"
x-vercel-id
gru1::9nsms-1696950965033-7c7e56b33621
server
cloudflare
x-matched-path
/_next/static/chunks/pages/projections-55fc3d09697af711.js
etag
W/"9ac59e13eaed3ad159a8f5e412c5782d"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e216f934d93-FRA
prebid-wrapper.js
dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		282 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/playmaker-30ZVDl3T1o/dailyfaceoff-longform/prebid-wrapper.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3e00:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
678a491ab08bb329e7d69f513a779a8271af7aca6c301363d40be06b18db4694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
3ifDTwVcxuHsA5EQfm8cIu6zWJkv7Tcu
content-encoding
br
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 11:28:10 GMT
x-amz-cf-pop
FRA60-P4
age
544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 16 Oct 2023 20:15:57 GMT
server
AmazonS3
etag
W/"14449d61153fe74759ef98b1f435cb5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
_7LuD_779fFztI0TuTFO9lq1N-K8MTSNKlP7mHRrfZvdK34cGl404w==
7.54.3.js
edge.aditude.io/prebid/ 		473 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa3741725a3cfac0fde7e55903de1c4b18765636f546bcc8651523e617c3a0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
fra1::cle1::2jtjt-1695664621279-ac5ef979ceef
server
cloudflare
age
1877953
x-matched-path
/prebid/[version]
etag
W/"7633e-73pfTwm4qFCORV1h7209CNi5R9o"
x-vercel-cache
HIT
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2678400
cf-ray
81783e21cb616946-FRA
polyfill.min.js
polyfill.io/v3/ 		101 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 11:36:14 GMT
age
350191
detected-user-agent
Chrome/118.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/118.0.0
content-type
text/javascript; charset=UTF-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
config.json
edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		24 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/config.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dd2e16e112200f5f23bd3ef0a774e81e4fcd13820025e563a85336108be52a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
EXPIRED
x-vercel-id
fra1::cle1::zqx45-1697542574395-b78519aef045
server
cloudflare
x-matched-path
/wrapper/[publisherKey]/[wrapper]/config.json
etag
W/"18-YfIZKdbevD1XapnY/BiBD+MuozQ"
x-vercel-cache
HIT
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300, stale-if-error=3600
cf-ray
81783e21cf6330ed-FRA
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Oct 2023 09:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6392
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Oct 2023 11:49:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 11:36:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
w1SpD6sqDS6FztArVI+B8aCSMMvZuEbtjwUfwe17/uSzJSbrKlgv4Dr7GkZ5YEKaWD+tff8onEUrUm36IuanfQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/7161055/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Server
65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-81.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 05:21:03 GMT
content-encoding
gzip
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
22511
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
WPTIvfQ4b2OqsTG9Of8ZML_Zl3WF6RCwjv43SFLW0koyBY_MuIfh3g==

Redirect headers

date
Tue, 17 Oct 2023 11:36:14 GMT
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
Fx-w9BFbLU5G1R6NiEAcMOrJdERNHhUcACKnNv_8HTSrWwK0yge-yQ==
marfeel-sdk.js
sdk.mrf.io/statics/ 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0949b11760153c0738da4626c723c271fd551b09ee6113d769ef77b672505286

Request headers

Referer
https://www.dailyfaceoff.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
2ms
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 17 Oct 2023 11:27:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
6
accept-ranges
bytes
cf-ray
81783e2248b0bba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
35412
playmaker-adapter.js
cdn.optmn.cloud/hb/ 		202 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optmn.cloud/hb/playmaker-adapter.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f496a2bc7479a53462e4e803e31194a1c6bac060fb34a674b094d80e35ae7205

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 14:20:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3144
etag
W/"14df3981c9de81e3360ba492f9c32439"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1egH4YXbAVbIuUct7aFAk%2FMVjTp3fO3Z%2BLcbYntZQT%2BRPkWucvck3MkXqPfbg%2Ba3M3mpUW0xsoDjHr8y1kA7VG%2Bxx5PDBGN%2F3k3BmpNsyVESTpizqzBvplYFfdxm5F06KHlzhoudbVZnu6Hzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
81783e224c6165b2-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1448f297b44adcb68c292708b0f007a149dc2c4ef6b31c155f1929dac9e30d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89243
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 11:36:14 GMT
liveView.php
live.primis.tech/live/ Frame 4DB9 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=113678&cbuster=1697542574126&cbuster=1697542574&pubUrlAuto=https%3A%2F%2Fwww.dailyfaceoff.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bbce9e55faefef105f376c2e67be5d31f92b36b5886116471ed7104305316ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:13 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
gfJ9HxobVsD0uwNrhR4Foe2UVDo-u4XQTDIjz8pE_eyRjVfFM3KHFg==
info.json
edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/ 		121 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.aditude.io/wrapper/playmaker-30ZVDl3T1o/dailyfaceoff-longform/info.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3c77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d46e748a88ff7a7d8778dfe7b7e8a1040a855addf48938cde30f750558f2da4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
x-vercel-id
fra1::cle1::t8wjt-1697492494841-113a3698ccd3
server
cloudflare
x-matched-path
/wrapper/[publisherKey]/[wrapper]/info.json
etag
W/"79-YGcnj/6MjI6e1mH2iMSFIvikHi0"
x-vercel-cache
HIT
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-vercel-execution-region
cle1
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300, stale-if-error=3600
cf-ray
81783e223fe830ed-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2985
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 16 Oct 2024 10:46:29 GMT
ad-server.f06b7d14f042cb1c6a9d.plugin.js
dn0qt3r0xannq.cloudfront.net/plugins/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dn0qt3r0xannq.cloudfront.net/plugins/ad-server.f06b7d14f042cb1c6a9d.plugin.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:225e:3e00:19:b6f1:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 00:26:50 GMT
x-amz-version-id
3gvDf13V7MqJT89.QvwqhKMJxGTlK9in
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
age
40165
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 16 Oct 2023 20:15:59 GMT
server
AmazonS3
etag
W/"571fed9519eea8a00f6f0d429577a149"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
6H9p9e8O7l5sEBaKTuG7-dtuty7dM17jo6kwRITuPRbIRruU6OmIWw==
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:50:43 GMT
content-encoding
gzip
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2732
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
cy0ALFgU4D80LQ0q0yHiZodXrpiTJrWkdisiO-ZOU9dHUa6yMh-bXQ==
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WYFDLPLCRR&gtm=45je3ab0&_p=1779113062&_gaz=1&cid=528120714.1697542575&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697542574&sct=1&seg=0&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dt=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WYFDLPLCRR&cid=528120714.1697542575&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYFDLPLCRR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WYFDLPLCRR&cid=528120714.1697542575&gtm=45je3ab0&aip=1&z=1028571280
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1721740624799960
connect.facebook.net/signals/config/ 		137 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1721740624799960?v=2.9.134&r=stable&domain=www.dailyfaceoff.com
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30eb0aacc062aefd3b0a20b4aa9749977bae8f1dec9f2a0071480ccdf70e199b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Oct 2023 11:36:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36412
x-xss-protection
0
pragma
public
x-fb-debug
+0TJTZydFCtTLP8lolM9xV1p6NUv/+g9/ePqSk3vfc8NNyGlmaljRDzNjTmkPXQ+TA8accD8RMXTXMcvnPa84w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1282411
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nStGAhbgfBmqQH%2FKwyZ8Pn2S4zVP5Q4UvZlbjOhU%2BFxbb3ik7wup4MhYStDI7TQGnc2G0wd%2FAsBgZlRAC2MxNHSrl8Ez%2FpzJRHPWSKpGNPsRneD4YfP92zM7EJla67Mt71WvFDCsK05PfbZ8"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
81783e2439bc1d8c-FRA
prebid
krk2.kargo.com/api/v1/ 		0
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.221.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-221-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
mp.4dex.io/ 		60 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81783e244f874dc4-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=405436&zone_id=2272718&size_id=15&rf=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.domain=dailyfaceoff.com&tg_i.page=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.pbadslot=%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right--pb-slot-right-1&tk_flint=pbjs_lite_v7.54.3&x_source.tid=288131fa-49a3-4a46-8623-6a29621f1a3a&l_pb_bid_id=656ed8b654e747&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=288131fa-49a3-4a46-8623-6a29621f1a3a&rp_maxbids=1&slots=1&rand=0.9258434735958054
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3050a01d9b0d70b35d2f462a6c6ab7b3d9b9557844f2294f3b43265e78f013f5

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
387
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
c
prebid.a-mo.net/a/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 17 Oct 2023 11:36:14 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
shb.richaudience.com/hb/ 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=69872761921&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=923189
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
413f7ed8973d68791ffe7e8d47c99f8d375eb298cdd40359f70860c2a06956ca

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1620nDeQX8O%2BcFwmKN3LAa%2Byo%2Fr0Q9hycsPGBmH5b3BGaTUSJs1oThYDBLzXkXSoWaQv0%2FFi6yRqU64QHpN2was%2BKQ1r22rdkejjrX0BOXBf0PejX3qfZZcd5VL95beto0b%2Btrn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81783e244a109c01-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hb-multi
hb.yellowblue.io/ 		84 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.33.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-109-54.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ed1574193bac53b7debcaf92a45a4cc200ff348d8fbf396a6a4be43d734b0e62

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
prebid
ib.adnxs.com/ut/v3/ 		139 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa452e455c769c00c3843c4808b006b8d38197fb1a276b5e08e4d3cb7b567581
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
an-x-request-uuid
c3dd560e-02b7-4618-ad21-6911f08f8d34
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.48.84.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
cddbc33ef4d89740249b364ea6dd1081b8d95c2bef32d1f7552821cb44564b21

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		23 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.3
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5388858719c88ab875faebf78af957b7b5bf8a3167f0dbd6dea2ffc90bcb2c1f

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 Oct 2023 11:36:14 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyfaceoff.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
prebidjs
rtb.openx.net/openrtbb/ 		53 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
681028a6eee030505da0da1a2644c76fa6c2b8f75e3c0650fd782ca8174e79d8

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		139 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1fece8d4384980c4d76fad0824b6f75d5a0c42a828523705f2ed422f7c90d6fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
an-x-request-uuid
f7727416-c934-4e98-8520-018e7aaa73b0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1779113062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&ul=en-us&de=UTF-8&dt=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=1144909673&gjid=1066089125&cid=528120714.1697542575&tid=UA-2397777-11&_gid=816909928.1697542575&_slc=1&gtm=45He3ab0n81TB47RXZ&z=1941654947
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2397777-11&cid=528120714.1697542575&jid=1144909673&gjid=1066089125&_gid=816909928.1697542575&_u=YCDAgAABAAAAAG~&z=1425269854
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 17 Oct 2023 11:36:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
deflate.min.js
live.primis.tech/main/js/ Frame 4DB9 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:08 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"64db4a50-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
LaGCWB_VlZevXqG0MbnpXULFGTyjmvWwoOpDGzgHpLqG7L2HDyznSw==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame 4DB9 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"64d0ac41-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
9x1bIy0GIoL_e0pSCNQYRZ3EjL9DH2o8akb752DG81J8vMKefjKRHA==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame 4DB9 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:13 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"64d0ac41-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
Mp9B9ApkFsHEwl0xwuJsX75x4u1TTXEpfq6rkk3EgLof1aBMVpO63w==
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 4DB9 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
lTeyf9L-xV8Bf575FqPYKqRsv25HYVDVU2tvbWWndk90qpX2BogBpQ==
expires
Wed, 16 Oct 2024 11:36:14 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4DB9 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
h2_DnkLRvjj3X6X2IKKNxjYD_VkwMKE6jv1sW_vflBAVGnPXoHF6aQ==
expires
Wed, 16 Oct 2024 11:36:14 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4DB9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
_lM-1QJ7tBh5IxXL2s4w9aend8HPQsVpO9aKY2hQKiTv4XWd0SEt1Q==
expires
Wed, 16 Oct 2024 11:36:14 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 4DB9 		258 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
AVXQ2W1WPAqnHf2U0x-pKcRspPvv1T5x7_G5H2mYO5L3nYVQW3PLNg==
expires
Wed, 16 Oct 2024 11:36:14 GMT
prebidVid.7.16.0_15.min.js
live.primis.tech/content/prebid/ Frame 4DB9 		524 KB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3de7b02c8eb7669f21ac1831b7f1177c51689ffa3bc2175e40f91a90d4868af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 10:11:39 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"651be8db-82f55"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
4mkAAmNbwhSMbfxUW-4aCu-yR8cTEB2oqv22ZT948eOLRkkBSdN28Q==
expires
Wed, 16 Oct 2024 11:36:14 GMT
liveVideo.php
live.primis.tech/live/ Frame 4DB9 		657 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b8881307d303dbc0ccb3cd358c8c59ba19115096fa4f795bec96b8545f5898c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
kaGd0rt5o5rOZ87tmDjP4K-JkE7PAVbunMNw803bu5S9ZLdngs1M5A==
hb-multi
hb.yellowblue.io/ 		84 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.33.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-109-54.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e90f0c975bae926a25ff386ed2ea546926578a83473fabe679364056ca67f243

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
auction
tlx.3lift.com/header/ 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.48.84.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e5d47f0e15580a871f63e2fc80bc01ae914b616f78323a497c1170140321e92f

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.3
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ca797736334786a7d23226da92bf070d6c6285711943faf6fa543557351b812e

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 Oct 2023 11:36:14 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyfaceoff.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
btlr.sharethrough.com/universal/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=56154359677&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:14 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
krk2.kargo.com/api/v1/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.221.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-221-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
fastlane.json
fastlane.rubiconproject.com/a/api/ 		388 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=405436&zone_id=2272616&size_id=2&rf=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.domain=dailyfaceoff.com&tg_i.page=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.pbadslot=%2F63317524%2Fdfo%2Farticles%2Fleaderboard_header--pb-slot-header&tk_flint=pbjs_lite_v7.54.3&x_source.tid=fc96608e-e142-4129-b00d-9bdc9ba8ad51&l_pb_bid_id=5505673a5b0675&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fc96608e-e142-4129-b00d-9bdc9ba8ad51&rp_maxbids=1&slots=1&rand=0.29219168037736054
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cbaebabbf37e7fe27f629c6e54a77ac7fcd6e143eeb2e686ed741dd9bacb0567

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
388
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 17 Oct 2023 11:36:14 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ 		50 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
an-x-request-uuid
c6b1b8d0-c9b7-44b9-a7ed-7726a8e35d0d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=753031
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f69507ebe6d8782fb7f74b1ec740d9ebc2c024c6060d3a1ae9ba93b7b5a534

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5ec0QpsEnGV6muHHQOPfe68zwVbiTM86f2z3HaVrr%2FC31Wmud2bzRTsCPZBcE67z3%2FO1%2F5zaFrcIs77sZTESLi40SjWscdXEFAd8YEzQe74iewATkVlh8r4yfEaRtJJuengwRSw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81783e247a449c01-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
cdb1becbf2264c3a77f14f41764c21db337516c2d14675d05ed01a577dc5f92d

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		139 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4965e3fec4d706f95bfd80b25525119f302403f6177078d967eb9436aa6713e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
an-x-request-uuid
78533a64-072b-40b3-a924-3f2479a2ec73
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		60 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81783e247fc34dc4-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.3&cb=5770923784&lsavail=1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:13 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f604328a80bc5998fb1086aad0e743a58a85754ec2b7614b58b38924189b6c17

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		139 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
46eff6bcc80e3b46dc12f0d35d9e6f661ec08341a3789b00567d86bbc171172a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
an-x-request-uuid
a4a06b9e-725b-4c95-9741-3b76733ac2c1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.3
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
aeeae94fa372b85b284d9558b7a8f7821ac465daabf20875d3c4ab249474c325

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 Oct 2023 11:36:14 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyfaceoff.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.48.84.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
392a96b73c276b94891523a9ed559cc07c0960e2c067e424d3ad44526c18e612

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
ib.adnxs.com/ut/v3/ 		144 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
21c3b58cbb8ae6c3e6947cd861285e18919de6a5c7d3398f4c42bc7024165727
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
an-x-request-uuid
33f6b1ee-8dd7-49aa-bece-30f7f4d3131b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81783e24affe4dc4-FRA
expires
0
/
shb.richaudience.com/hb/ 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=923190
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ea103961ef4e71b4b7c094f88f3f4ae89f173187949e8557ce7f8023d3a11b

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrLNXlgP4BczRMTzkOOrbPe%2FFMsz09VEgbLuOv5GLCq5xAr2Bi1H%2FetZb9T6klUVyRms5gD77ZJa6H3tzPS5gX%2BGLpqFO1OYgRVTwQJQ4FI7EbmtKepJ6hvrKrQVKR79DN%2BdMzVF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81783e24aa8c9c01-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 17 Oct 2023 11:36:14 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
auction
tlx.3lift.com/header/ 		19 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=2500
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
krk2.kargo.com/api/v1/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.221.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-221-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
fastlane.json
fastlane.rubiconproject.com/a/api/ 		388 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14194&site_id=405436&zone_id=2272738&size_id=15&rf=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.domain=dailyfaceoff.com&tg_i.page=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tg_i.pbadslot=%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right2--pb-slot-right-2&tk_flint=pbjs_lite_v7.54.3&x_source.tid=ee0ed8b0-80eb-486d-bf13-11756ea93630&l_pb_bid_id=1027fd62c6a7677b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ee0ed8b0-80eb-486d-bf13-11756ea93630&rp_maxbids=1&slots=1&rand=0.5743379294401612
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1183702d9e8dc520e570b96477acff7d2aa793cc02f8d5f1e88918039b98e6e3

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
388
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-multi
hb.yellowblue.io/ 		85 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: edge.aditude.io
URL: https://edge.aditude.io/prebid/7.54.3.js?modules=WyJhZGFnaW9CaWRBZGFwdGVyIiwiYW14QmlkQWRhcHRlciIsImFwcG5leHVzQmlkQWRhcHRlciIsImNvbnNlbnRNYW5hZ2VtZW50IiwiY29uc2VudE1hbmFnZW1lbnRVc3AiLCJjcml0ZW9CaWRBZGFwdGVyIiwiZW5yaWNobWVudEZwZE1vZHVsZSIsImZhYnJpY2tJZFN5c3RlbSIsImdkcHJFbmZvcmNlbWVudCIsImdwdFByZUF1Y3Rpb24iLCJpZDVJZFN5c3RlbSIsIml4QmlkQWRhcHRlciIsImthcmdvQmlkQWRhcHRlciIsIm1lZGlhZnVzZUJpZEFkYXB0ZXIiLCJtaW51dGVtZWRpYUJpZEFkYXB0ZXIiLCJvcGVueEJpZEFkYXB0ZXIiLCJwcmljZUZsb29ycyIsInB1Ym1hdGljQmlkQWRhcHRlciIsInJpY2hhdWRpZW5jZUJpZEFkYXB0ZXIiLCJyaXNlQmlkQWRhcHRlciIsInJ1Ymljb25CaWRBZGFwdGVyIiwic2NoYWluIiwic2hhcmV0aHJvdWdoQmlkQWRhcHRlciIsInNtYXJ0YWRzZXJ2ZXJCaWRBZGFwdGVyIiwic292cm5CaWRBZGFwdGVyIiwidHJpcGxlbGlmdEJpZEFkYXB0ZXIiLCJ1bmlmaWVkSWRTeXN0ZW0iLCJ2YWxpZGF0aW9uRnBkTW9kdWxlIl0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.33.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-109-54.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7a8e72a369bf03fbc61694ef3b1a18bd4c356547c5f7b5c5b42bdb9558bd3a95

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
ingest.php
events.newsroom.bi/ 		126 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=7161055&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697542574846&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=Starting%20Goalies%2C%20Line%20Combinations%2C%20NHL%20News%2C%20Opinion%2C%20and%20Analysis%20-%20Daily%20Faceoff&c9=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-81.prg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
Fo-PgM3MtAivrv7uZmSpeZfizHRaDOv-asaGj0G_MfKEe3bWd8svJA==
x-cache
Miss from cloudfront
48ce1010-d9fb-4e4a-9180-d1a0eb720b79
config.aps.amazon-adsystem.com/configs/ 		537 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
460f1244842bc6da64dfe2d9a5db61ef9198d54e94b649dea6be76715e7d968c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:58:59 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2236
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
WrjNbdZzLpN6-074s4lCNsXuVnvPEDCxOZDVWbct9KGZVs14ljDs9g==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9650c2f047b36768b976528d0a79622dd201ffb17c6bdb499f7de288a3e1e9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:30:11 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
3962
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1703
x-amz-cf-id
YjEx661HCIs7grBOGMlEsCykNZank8DPVVLl0sdJ0doIZhx-JVzxGQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=xBOHepPeil2Pb&cb=0&ws=1600x1200&v=23.919.1525&t=2500&slots=%5B%7B%22sd%22%3A%22pb-slot-right-1_bh6t589khtg%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
0R14A5FJNP48TRMJV7QQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
taHtGWUgelGsOWnEFd8cJTIHosGcZRNeoy_bP9oMWdJUbjzz7YP--w==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=xBOHepPeil2Pb&cb=1&ws=1600x1200&v=23.919.1525&t=2500&slots=%5B%7B%22sd%22%3A%22pb-slot-header_q3a051swiso%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F63317524%2Fdfo%2Farticles%2Fleaderboard_header%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
Z3243J4NF3WN3FCHPDWM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
nkA4yRdtXGFiwsRHR7uI5CUU42f_w2UX5u8FjfiDVcGMZ15QRUq3OA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=xBOHepPeil2Pb&cb=2&ws=1600x1200&v=23.919.1525&t=2500&slots=%5B%7B%22sd%22%3A%22pb-slot-right-2_lkx3j7ovmvg%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F63317524%2Fdfo%2Farticles%2Fboxbanner_right2%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
VV1E6GYQVVM5P1ZDDZDR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
lvw0HlMADs861pLi996XYG33e-qyHNeeQgHWTFoEewDSb7vjxMW27g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 02:00:29 GMT
x-amz-cf-pop
FRA56-P3
age
34547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
VNrdXDKgVgPqTn5mz-QmAv80Kh8fpMGOkzlJKVaOnHPLrWB2T7AgoA==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1721740624799960&ev=PageView&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&rl=&if=false&ts=1697542574979&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697542574976.405025373&cs_est=true&ler=empty&it=1697542574627&coo=false&rqm=GET
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 17 Oct 2023 11:36:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f814a760fab4a73128b24ee773609b147d90dff52aa4b88f11ffb84ef9f98434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 11:08:19 GMT
server
cloudflare
age
0
etag
W/"e57fbf13341167ab8647fdb6bc85d0934c4aeb02"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81783e25bd6530ea-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:15 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1281593
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pkau7reXnCRArMv6d0aj695S9X2SeszWxF7aHE2RSIDRe1tIzpWyEooiRBDJzXnCBO0ADGi08wIRuM17cq6gxSGhwesydZqiv0TiXNkSpBVavXBrTFEqRd9ib0I%2FHREoO5ACxwRvcwWSfKqg"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
81783e261fdd1a47-FRA
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:38 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
W/"647db3ea-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
BXkttjq4YaXLPMSEq9TPRBHQj4LPcUfMHYHrNvkxFhR0GLRxx30hiw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4DB9 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:50:43 GMT
content-encoding
gzip
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2733
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6VPvqhx-w9a5MKEENL1PTIoIx7c4bKrT1Nmn31X1hAK__tyb4pj3_Q==
css
fonts.googleapis.com/ Frame A297 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 11:00:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 11:36:15 GMT
css
fonts.googleapis.com/ 		2 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 10:04:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 11:36:15 GMT
liveView.php
live.primis.tech/live/ Frame 4DB9 		138 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTJxZDIjOTBxMwZwNmA5OTxkNTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV5WxqRrU1En3qnRExlWXcwq09UnmVNVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UYmBPVEF3TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TacZNE5UQTJNQXA5LacvWEVFSXFzREk1M2Zeqmq6NXRmpmJ6SxR2RXpjpxywTyqYWVc3SyNvnDQzqzyxX2NioaRyoaRsnWQ9Mmp0NwE0MvZ2nWRsY29hqGVhqF9xZXNwPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X3RcqGkyPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X2R1pzF0nW9hPTUkMCZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMTM3NUYmMTM0N0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOC4jLwU5OTMhNmAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNvqXN0ZXI9MTY5NmU0MwU3NTIkNSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aa9e8d299e44d5aa8573ffcc1dfea3cc452848bc776af119862d3fadc0f7859b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
13609
x-amz-cf-id
gFWOL6pHcp-NuZokdSkI89nJJJWE_FzaegIo4ZLxqHZXUlZLRantFA==
liveView.php
live.primis.tech/live/ Frame 4DB9 		72 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTJxZDIjOTBxMwZwNmA5OTxkNTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV5WxqRrU1En3qnRExlWXcwq09UnmVNVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UYmBPVEF3TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TacZNE5UQTJNQXA5LacvWEVFSXFzREk1M2Zeqmq6NXRmpmJ6SxR2RXpjpxywTyqYWVc3SyNvnDQzqzyxX2NioaRyoaRsnWQ9Mmp0NwE0MvZ2nWRsY29hqGVhqF9xZXNwPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X3RcqGkyPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X2R1pzF0nW9hPTUkMCZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMTM3NUYmMTM0N0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOC4jLwU5OTMhNmAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNvqXN0ZXI9MTY5NmU0MwU3NTIkNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf66783747843242e8a8a75b20e627563b822272062a2aaded03eb3d1ec96337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
9505
x-amz-cf-id
N6X1Q-_Uh9fg0sGbp911jp1t5z9Iz1mEINwOFufPrsZ3BCVqOuMBew==
liveView.php
live.primis.tech/live/ Frame 4DB9 		129 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTJxZDIjOTBxMwZwNmA5OTxkNTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV5WxqRrU1En3qnRExlWXcwq09UnmVNVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UYmBPVEF3TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TacZNE5UQTJNQXA5LacvWEVFSXFzREk1M2Zeqmq6NXRmpmJ6SxR2RXpjpxywTyqYWVc3SyNvnDQzqzyxX2NioaRyoaRsnWQ9Mmp0NwE0MvZ2nWRsY29hqGVhqF9xZXNwPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X3RcqGkyPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X2R1pzF0nW9hPTUkMCZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMTM3NUYmMTM0N0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOC4jLwU5OTMhNmAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNvqXN0ZXI9MTY5NmU0MwU3NTIkNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
547e573970e46265bf2d47f8d1034d2e21f1c03b93ff83215e7b1446d1ad3314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12922
x-amz-cf-id
hOPymnyVJKdiw8pwX8gHdzFFrbbx3v_y3pzOKYlGJrNY310GoYV1Rg==
liveView.php
live.primis.tech/live/ Frame 4DB9 		120 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTJxZDIjOTBxMwZwNmA5OTxkNTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV5WxqRrU1En3qnRExlWXcwq09UnmVNVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UYmBPVEF3TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TacZNE5UQTJNQXA5LacvWEVFSXFzREk1M2Zeqmq6NXRmpmJ6SxR2RXpjpxywTyqYWVc3SyNvnDQzqzyxX2NioaRyoaRsnWQ9Mmp0NwE0MvZ2nWRsY29hqGVhqF9xZXNwPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X3RcqGkyPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X2R1pzF0nW9hPTUkMCZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMTM3NUYmMTM0N0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOC4jLwU5OTMhNmAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNvqXN0ZXI9MTY5NmU0MwU3NTIkOCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dea1af45519749b943ccd2f61cf6492decf53b8496e507334228fc2c8ec7259a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12494
x-amz-cf-id
GUFwqmROzd9E_-GQ8VDWXJEdWOqh4sn3QmFHof3K9QAjmgdgsW4Qpw==
liveView.php
live.primis.tech/live/ Frame 4DB9 		121 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTJxZDIjOTBxMwZwNmA5OTxkNTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV5WxqRrU1En3qnRExlWXcwq09UnmVNVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UYmBPVEF3TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TacZNE5UQTJNQXA5LacvWEVFSXFzREk1M2Zeqmq6NXRmpmJ6SxR2RXpjpxywTyqYWVc3SyNvnDQzqzyxX2NioaRyoaRsnWQ9Mmp0NwE0MvZ2nWRsY29hqGVhqF9xZXNwPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X3RcqGkyPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X2R1pzF0nW9hPTUkMCZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMTM3NUYmMTM0N0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOC4jLwU5OTMhNmAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNvqXN0ZXI9MTY5NmU0MwU3NTIkOSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f3cc57a0e8c5a2a86ea1cbf43853173b5f1690ddc5c918f1a0e8d589796df7c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
13456
x-amz-cf-id
XfO1x12mpBmMVYUVXsDbtIKuu8yIni4PB-0vVWu9itSvJBqPUWTWEA==
liveView.php
live.primis.tech/live/ Frame 4DB9 		64 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTM2OCUlRaZcZGViXmYmZwYmMGJzZwAkZzQjNDx2NDMkMTAyMxZ2nWQ2NTJxZDIjOTBxMwZwNmA5OTxkNTMjLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNryx0TDNnpFcHVaZYryy6WzcZrx1HSz1nnxF4Wz1Rq05EnmJORE14TVRBqzRgoGgOnyV5WxqRrU1En3qnRExlWXcwq09UnmVNVFV6TUM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UYmBPVEF3TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TacZNE5UQTJNQXA5LacvWEVFSXFzREk1M2Zeqmq6NXRmpmJ6SxR2RXpjpxywTyqYWVc3SyNvnDQzqzyxX2NioaRyoaRsnWQ9Mmp0NwE0MvZ2nWRsY29hqGVhqF9xZXNwPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X3RcqGkyPUNioz5ipvgCZWRupzQeR2FgZSgBozFfrXNcplfyM0EeVGuyK0NiYWNbZXMeUz9ioSfyN0MeRGFcoHxeRzFwZW9zZvgMnXZyJaZcZF9wo250ZW50X2R1pzF0nW9hPTUkMCZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kNDEjNvZ4PTY1NvZ5PTM2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMTM3NUYmMTM0N0Q3QwpmMmEmNmMlMmUmNTM1MmQmMDqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ1MwY4NwE1Nmp4MmU1QTZENDY2QTVBNTpmOTZENUE2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM0MmA3RDqCNTxmNDM0MmA3RDqCNwYmMTqEN0I0QmMkMmpmMmMlMmY3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOC4jLwU5OTMhNmAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNvqXN0ZXI9MTY5NmU0MwU3NTIlNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D31375F31347D7B7331373235353534307D7B4335377D7B53643364334C6D5268615778355A6D466A5A57396D5A69356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31373332367DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.70+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=1&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1697542574&csuuid=652e71ae77dd2&debugInfo=17255540_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17255540&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed371avkprlhsq&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=17326&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.dailyfaceoff.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
670ce71834d2a72380141488c80638804e2b68939114e9c7d91af534f76570b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailyfaceoff.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
8519
x-amz-cf-id
TyBKhyPTBFGdZcoZNcOUJlR4s24BiLOmBH0Qhj8aInyZmt5Pop_iYg==
logo_17326.png
video.primis.tech/uploads/video/users/logo/31368/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/video/users/logo/31368/logo_17326.png?cbuster=1677177910
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ae6c62a2a9c69aa427f3da2c542ce0a6572ec9a24d99c0cbcc27dcee10eeb09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:30:28 GMT
via
1.1 1dad001c8f545ba59104b1e94c04630a.cloudfront.net (CloudFront), 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, PRG50-C1
age
75946
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19841
last-modified
Thu, 23 Feb 2023 18:45:10 GMT
server
nginx
etag
"d009b6da409b751b4cee52bc57eefbcf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
3jUFhDw60BqnCdvdC16wHYdeEddarmx31z71sC8INeMQgLHZLNJ9Lw==
expires
Tue, 17 Oct 2023 14:30:28 GMT
vid652dd2090d26c709991530_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ Frame A297 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530_thumb.jpg?cbuster=1697503209
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d5c79157f698d9fff2de53f7fef46f905278d53e8ec28be12dcc5945cd0bb753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:59:50 GMT
via
1.1 a282f7d4f5ae65b33d809fbc6ea8641c.cloudfront.net (CloudFront), 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1, PRG50-C1
age
27384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4352
last-modified
Tue, 17 Oct 2023 00:40:43 GMT
server
nginx
etag
"8848639965993c393e37384ced81257d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
_y2Y55qYC97aKtZDo4SZSkk-JXfv4yoT5PuwzoJ6pSkts3v3qagqKw==
expires
Wed, 18 Oct 2023 03:59:50 GMT
vid652db1ee72747805424275_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ Frame A297 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid652db1ee72747805424275_thumb.jpg?cbuster=1697493721
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
43baf8a68c78e3ce362d10883fa38bdb429f6d6d62934cfa77177d86fd40ff9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:03:02 GMT
via
1.1 8bea8b04906ba221e865eddf4b64cf2e.cloudfront.net (CloudFront), 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, PRG50-C1
age
37993
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3730
last-modified
Mon, 16 Oct 2023 22:03:28 GMT
server
nginx
etag
"709df062717a30cd9ba7f8e892ec1774"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
rLD0wqz0mqkE6W4FxS7oZ5EeqC1OWeWdR-fweXlQ_0cCTuYOW7ORLQ==
expires
Wed, 18 Oct 2023 01:03:02 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY5NmU0MwU3NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMDJEMmEmNmVGMmEmNDqEN0I3MmMkMmpmMwM1MmUmNTM0MmA3RDqCNDMmNTM3N0Q3QwUmNwQmMmY0MmM0QmZENTI2ODYkNTp3ODM1NUE2RDQ2NxE1QTU3Mmx2RDVBNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTM3MmMmMwM2N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDUjJTNBYTAjNlUmQTIyM0EyM0EkNCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTthMC41OTxmLwpjJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTJyNmFuZTp3ZGQlJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTp1NDI1NmUlMDAzqWyxPVNyn2yhZG9TUGkurWVlNwUlZTpkYWVwYwJwMlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phZGFcoHyzYWNyo2ZzLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0kODMkMwxlNmM2
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
APIC2hCPE-qg6Hd2Yz1qjn1nGdGCF_CRgF38JlCBhEgXspLmt48QIg==
vid652dd2090d26c709991530.jpg
video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.jpg?cbuster=1697503209
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e32823f8dd0e24f6c0e69b1364b40f3e6e47abe9292b8fe2264dabb6f07a2fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 04:03:25 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront), 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, PRG50-C1
age
27170
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33741
last-modified
Tue, 17 Oct 2023 00:40:42 GMT
server
nginx
etag
"6929ccfc3ab828dc9415d504d67a6fbe"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
mpRlssXvBCBhUICcTDYX3Omh1t1T03EMQKM18rfoIxyaJ9PpDaLaOQ==
expires
Wed, 18 Oct 2023 04:03:25 GMT
web-vitals
www.dailyfaceoff.com/_axiom/ 		2 B
204 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_axiom/web-vitals
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/_next/static/chunks/pages/_app-88d8344fa26c758c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
x-vercel-id
fra1:fra1:fra1::iad1::dx4ff-1697542575338-d3a32d97262f
server
cloudflare
x-matched-path
/api/v1/send
etag
"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-vercel-cache
MISS
content-type
application/json; charset=utf-8
cache-control
public, max-age=0, must-revalidate
cf-ray
81783e27bfc14d93-FRA
content-length
2
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A297 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dailyfaceoff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
372563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 04:06:52 GMT
experiences
flowcards.mrf.io/json/ 		124 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/experiences?site_id=294&client_id=02835d68-b2bd-406c-8f7c-24b74b8bdca2&user_type=0&canonical_url=https%3A%2F%2Fwww.dailyfaceoff.com&referrer=&recirculation_source=&previous_page=&geo=__INJECT_GEO__&session_duration=1&pageviews=1&first_visit=1697542574&page_technology=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c15a309d809cf50f70ede65d48fd8798dccd4d5a120943e896d8dc9afb54d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
3
accept-ranges
bytes
cf-ray
81783e28a8fc2be9-FRA
alt-svc
h3=":443"; ma=86400
content-length
119
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/launchpad-liveramp.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ca989cec583ed69b2df63c05d91ead25e13201945d9cc0bf9238a1a4d96045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
h91SDFhOPIWZi6JuY3Jh6k._VuWPgtEM
content-encoding
gzip
via
1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 05:23:22 GMT
x-amz-cf-pop
PRG50-C1
age
22960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 25 Aug 2023 19:36:12 GMT
server
AmazonS3
etag
W/"a45252f007dde799051d352790bae43f"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
ro97NnXZpqLmYih284jO8Ly8U-L8NTJxdzkh0Y_4VCWYWf3pSIv2gQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 17 Oct 2023 11:51:15 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
34378
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
DTIYWWMSQODfVZ3Y5b8ewvJeIKjfFInaLOhynK5nq3vsTSQj3zY2KQ==
ads
securepubads.g.doubleclick.net/gampad/ 		722 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1571044751389707&correlator=279148280627468&eid=31078744%2C31078819%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fif&iu_parts=63317524%2Cdfo%2Chome%2Cboxbanner_right&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=1647549731&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697542575439&lmt=1697535375&adxs=743&adys=417&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vis=1&psz=388x0&msz=388x0&fws=0&ohw=0&ga_vid=528120714.1697542575&ga_sid=1697542575&ga_hid=1779113062&ga_fc=true&dlt=1697542573901&idt=994&prev_scp=test%3Dprebid%26cw%3Ddailyfaceoff.com%26amznbid%3D2%26amznp%3D2&adks=3883306018&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2832f558808222901e9c91f87dfb6906c54cb582f21fc73ab84f89700341b67c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 11:36:15 GMT
expires
Wed, 16 Oct 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		638 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1571044751389707&correlator=3511074639397718&eid=31078744%2C31078819%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fif&iu_parts=63317524%2Cdfo%2Chome%2Cleaderboard_header&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=2&didk=4188539186&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697542575471&lmt=1697535375&adxs=436&adys=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vis=1&psz=1280x0&msz=1280x0&fws=0&ohw=0&ga_vid=528120714.1697542575&ga_sid=1697542575&ga_hid=1779113062&ga_fc=true&dlt=1697542573901&idt=994&prev_scp=test%3Dprebid%26cw%3Ddailyfaceoff.com%26amznbid%3D2%26amznp%3D2&adks=112134393&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7549e7c3f4abbad41f0396715b7de38874a14e6c71e5f937433b8d8b7d45442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		637 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1571044751389707&correlator=2924595010191819&eid=31078744%2C31078819%2C31078850&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fif&iu_parts=63317524%2Cdfo%2Chome%2Cboxbanner_right2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&didk=2732062252&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697542575490&lmt=1697535375&adxs=1124&adys=1594&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vis=1&psz=300x250&msz=300x0&fws=512&ohw=0&ga_vid=528120714.1697542575&ga_sid=1697542575&ga_hid=1779113062&ga_fc=true&dlt=1697542573901&idt=994&prev_scp=test%3Dprebid%26cw%3Ddailyfaceoff.com%26amznbid%3D2%26amznp%3D2&adks=917112100&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
deaa4eaa5986cd33e8d660c57b98bef4128a237744be61df07c4326e3e485c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveInternalSsp.php
rtb.primis.tech/live/ Frame 4DB9 		25 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgWFgi27tS%2FwUBht8RqLFhw05Sq32n5ARNp%2FIYUNLYZvOLWcKKx%2Fm6wvuKcGl1uoMg0F0pjKBgmxVm%2FYovSXk24igPjHE9Croq7jsPCqi%2F%2FwzhW1dq0nIwh91W1el%2BDuJKQp6nSb54JJUyXELVoXdh3g51%2F%2F3%2B%2F0oTI%2FpxigAfgJB6OjbwmQZ0iqEPCKK02kQ1lWGcTpM1TNjjHhkW1M8iNRwPvFAdFPzJFfBhShTZQvUNX9CRnT2I%2BQSNDrZ5zvwDj%2FYPofXgi5YDeZ8NngsArbgnW9bgUgYo4a8ANzv8rD%2FjF%2FBEp5DD4%2FW2sJYXrkTFLB4yU5Z1rrBfJ6mU5RiOgbcqxZxYKPr0KcB3IKH%2B%2Fkedob%2FnGXXFCvtHHxie%2F4ALlaRzpsVpB7M5yvVVflK5oLuy3u7POrd%2FJc29Y3dDTf3XzJnBqMVrnVzSE38Rgf9l3j0OhqrspVEzBFvJLuKvWssmOZe9tV%2Fmhv7uHeKPFPUgjvB2Adjd993HPm9sXnbHhvV9RDPpD5A%2FfyoxXAql4XzJ4mcuztZO3D73ydjIc5YnoXFJwK2u63whDGh0c1zuScmIT01ixodrwtASeMIrgdyAZ0ZgubkaTVWUqu9fcKlF%2BeaAm263pjcClksMB7DVlfaZVyHMb24y43DHJ5KNkBgOa0w%2BpfNKze9MWlchSI8QrlQfYvuZPVUEqIXcPNk8zgAwcn5V4%2FR%2BDQ7MHFoA7nb7Lub1WZg0HCr6Lze9VM9faLNK2IVfcsIrobtQHjYcXE0o5Xzgj6N9owr%2BdnktW0JNMKYg1oj7lASVkfzWWpBw208wPtE5qh%2FYIWC3eOG5EV7rGIgZiWql01uVEYU%2BkB6BOC4KY3uWfimkwJOd6NEboMsJF8ILSdbprbgCPRitWq4uOCkgqwWAkNvhhfylWwvMej2b0AMulmlSB6ffJiacmJ8Vc7PYJnpc8o1TzJEIlCbuSnlp0jU5bLLXwv20eyh7tpzkG%2BZylXYjHcfFZM16Wn0Y3kI5WokgYicG9ejtvuNqyU1WUeFcHqqTCbznJiKNls3BNPpfnMZYIuL2dqp5eRCF9%2BNCBEJpH0yOg1Q4EaI1x7WZJaDnEx3ZnHSljdK7pz07iPuxwCLozgB11qhtDEwpKFVR6TpxJ%2FzwPrz01ILDX%2BrxPtxh0M3QX%2BAn9TSMVXCuNUXdNODPC7XckX6QRdzJTM0ub8W1EPWlKhB5yDVLptwdiajBcAsPeeDEJ5yqDJgnE%2B%2F2cbAqSoqA5B5cvJ7M7yilbZmyd6Jcq23SLTozdDEQkj0KVRJ4Rpdm5tX43RSIA8oFHyEeDeDoAJQwfCBF15Y6%2B0xU9Q2rT5zqEQGLxwGqUNsRgYmgoYrkJykWqwEH5dDF4ry2Q3dAneHTSpj8szWVPREDL8GyarB9jciMmzsd%2BWcr9jHPiuxONV4AxnxX1jqULJ%2FVuENULBwv0eISxtNR8QezK1IKgPfs07j%2FOCcepe61SCnUSTDeYii3W7aTqNDKYZQzkbawW3xf%2F%2Fh0phshL2kyiazRzl12laqnGU%2BmLc5Xw2uy%2Fqomb1o2mAH5bJWk7v2ed6Jz6NlqhDoHT13YtG90c8IXwfrsHYbiWAi8t2gHPyDkiwyQ0BjuiwDzi0V8nrnsFvs1ErJmLN43KZBxoRWwH8ZRYKJ7pLIYfojBD3XJ7hOuebe%2F42ESBtFn%2BmPjfNN0tIrRG6ZzEu6Pu2P53jpPO3q%2FJR42Gp1ZVXP2BXL5PVCMb1ta%2B%2BrCYafe9u1QNKpsxdfoN7gcXS8j0inLRHfy4rENloqPR24YIp5ojd%2FjYAUMVY%2BhZvb7nHgtU%2BMe7Y5kI3l5hAiSWrcs%2F%2BrNtOLccB%2BDKJI3%2FjZA0UZMAYcS0piXirw5UImdNXb5P%2FPUuWw%2FnwbNTo2OyjlRnAglj3bHjeNbxF3Xb3Qgow5qdQhl7v21iR15fO8pHhm2dptTXRO8Zobx1odke1v6C%2BLu6fV0x3Ht1B%2F5tB0d0qUcTf0WX3jFuyjpZt%3D%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
LbZ4oGhImBCrUo91BaBLwafqKo4mGeqE1x7SrY6yjCap2-YXhfLYgA==
pbjs
htlb.casalemedia.com/openrtb/ Frame 4DB9 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22321da475c3145d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%2C%22adunitcode%22%3A%22adUnit_8%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224a480997dbe687%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%227c91ac18-2898-4a9f-98b0-32e74b116339%22%2C%22sid%22%3A%22656x369%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F113678%2Fwww_dailyfaceoff_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B656%2C369%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A656%2C%22h%22%3A369%7D%2C%22bidfloor%22%3A0.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2231368%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac3fb7ac-424d-470a-9a21-e4a6eaf8a87a%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee4ede5a6dd9b01a074874733ec295337c3558bfa33c7608f551b727643b023

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nfDRgv28qNNL8VztZgdQT1pFWCiIY6BwXQisKwyWM7RKrlXA%2FvTlXMRIGLwWKW1cLvz41wR1HeUotF4cztIMf7kfekVET6na1gBnkci5Cc%2FBQAnxcN5AcIb%2B5ueXqdwObbPeiv0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81783e296b199c01-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
openrtb
adx.adform.net/adx/ Frame 4DB9 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
shb.richaudience.com/hb/ Frame 4DB9 		4 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4DB9 		184 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
99238b0a6c6bff884263aa2f2e67be5bd637d5fc36479b60a1a48394f3690f07

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
auction
tlx.3lift.com/header/ Frame 4DB9 		19 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.16.0&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&tmax=3000&gdpr=false
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 4DB9 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
06168b0fde6b8c7cc6527eee461185da00c2a68ca5481227d838e1c4be360c60

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 4DB9 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
48ce1010-d9fb-4e4a-9180-d1a0eb720b79
config.aps.amazon-adsystem.com/configs/ Frame 4DB9 		537 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
460f1244842bc6da64dfe2d9a5db61ef9198d54e94b649dea6be76715e7d968c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:58:59 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2236
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
2x55ZH81NVordmUAn2Mxre7TM6ni_cdpWR5kw_eXCbJIXHvxVeeZPg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 4DB9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9650c2f047b36768b976528d0a79622dd201ffb17c6bdb499f7de288a3e1e9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:30:11 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
3963
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1703
x-amz-cf-id
MuyEWhgqTaXT5pkzIAn0HxtXMhn2YTC70EvqG9v59QFVf0DrQVfRDA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4DB9 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyfaceoff.com%2F&pid=miXIMwIL4mXJ8&cb=0&ws=1x1&v=23.919.1525&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A80%2C%22id%22%3A%22Amazon_Video_400x225_Mob%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=48ce1010-d9fb-4e4a-9180-d1a0eb720b79&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
ABN23YB5MWM3G17BNGV9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
k0OlV2jAIgDzKMYDpTMxbzbMTOHzfrBt7dEfub_XEyViroHYc6PMUQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4DB9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 02:00:29 GMT
x-amz-cf-pop
FRA56-P3
age
34547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
7ppwG46c2kJfnV0hqP6fx8YNJLlOksV5WmJHiZnqg3ImE_1XEoON8g==
1a
i.clean.gg/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 17 Oct 2023 11:36:15 GMT
server
nginx/1.21.6
via
1.1 google
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/ Frame 4DB9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/e259636c-e529-4ade-add0-0481c90e58bf/launchpad-liveramp.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-63.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ca989cec583ed69b2df63c05d91ead25e13201945d9cc0bf9238a1a4d96045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
h91SDFhOPIWZi6JuY3Jh6k._VuWPgtEM
content-encoding
gzip
via
1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 05:23:22 GMT
x-amz-cf-pop
PRG50-C1
age
22960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 25 Aug 2023 19:36:12 GMT
server
AmazonS3
etag
W/"a45252f007dde799051d352790bae43f"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
34w7m6mFX_7XsMx-RS_SS2E4gnp06nyjOl4c-16U1KLdjP_JP1BBcA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4DB9 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 17 Oct 2023 11:51:15 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 4DB9 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
34378
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
CA6KmEy2Jjx-vSY4KJ5r4KVA44DSXsE0w36V5jDiifhqSU-_qcQXRQ==
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfcbca5f0ec7aff19873aaa7549b1d707e99341dc955d0a470d2204eb695151d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2wv74L4PUkUw8ytMV.GVtZ7ESxCnCvrg
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 10:40:24 GMT
x-amz-cf-pop
FRA56-C2
age
3352
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:df93851b-45a1-4c6e-8d06-5a0a28afcfdb
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
bab004dc3646564a04caf2dfb15bd632
last-modified
Thu, 05 Oct 2023 12:06:35 GMT
server
AmazonS3
etag
W/"cf95a382ff5867af0a1fba09fa5687a8"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
606068609e52652b939bf8bf8216916f19575fb6d57ee8746f72cddfe11a4001
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
NXoFtAN9mR3vDdprOl62QZeMbXP-hOl3zVZSPFBHG_1ktxkKGza-bg==
map
bcp.crwdcntrl.net/6/ 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e5639a21f1902a53088b38df978e75d7d1574e137bb0ee426be2a99e29a0f4d1

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
x-server
10.45.8.110
access-control-allow-credentials
true
content-length
60
expires
0
launchpad.bundle.js
launchpad.privacymanager.io/latest/ Frame 4DB9 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfcbca5f0ec7aff19873aaa7549b1d707e99341dc955d0a470d2204eb695151d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
2wv74L4PUkUw8ytMV.GVtZ7ESxCnCvrg
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 10:40:24 GMT
x-amz-cf-pop
FRA56-C2
age
3352
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:df93851b-45a1-4c6e-8d06-5a0a28afcfdb
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
bab004dc3646564a04caf2dfb15bd632
last-modified
Thu, 05 Oct 2023 12:06:35 GMT
server
AmazonS3
etag
W/"cf95a382ff5867af0a1fba09fa5687a8"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
606068609e52652b939bf8bf8216916f19575fb6d57ee8746f72cddfe11a4001
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
b6knhVt0H0Z8V0WYXsEplpZ0BmWUDrUDFV4ij6ZThcUO_4_hh6YFCA==
map
bcp.crwdcntrl.net/6/ Frame 4DB9 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dce5a18666a416281df1156ef890e8fc382ffebd949977c9308a2e19fb0023a2

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
x-server
10.45.13.94
access-control-allow-credentials
true
content-length
60
expires
0
9534-e86df2f088a2406b.js
www.dailyfaceoff.com/_next/static/chunks/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/9534-e86df2f088a2406b.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc7613cf6cbe9af2ae4fdd0fa577120b30b135709bf8d03d16496dec9640f69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
692706
content-disposition
inline; filename="9534-e86df2f088a2406b.js"
x-vercel-id
gru1::l97bx-1690499737111-3b8567c4f810
server
cloudflare
x-matched-path
/_next/static/chunks/9534-e86df2f088a2406b.js
etag
W/"0f8e4a4e7b71506d0051bc9abe971e8c"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4c9a4d93-FRA
6595-70557aa686731784.js
www.dailyfaceoff.com/_next/static/chunks/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6595-70557aa686731784.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d98915ed3cb9a5adbc271b167919c3f6d3dbafb4d690cb77c5765998e3dddb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
7605064
content-disposition
inline; filename="6595-70557aa686731784.js"
x-vercel-id
syd1::kp27r-1685548655789-b207273447cf
server
cloudflare
x-matched-path
/_next/static/chunks/6595-70557aa686731784.js
etag
W/"5fc5cd10efe07b51e346a1c38c288514"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4c9e4d93-FRA
5935-8b37af2f9a4374c6.js
www.dailyfaceoff.com/_next/static/chunks/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5935-8b37af2f9a4374c6.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1c772e5116f82c381f60efb6a8623a03c8a8bb4b336445cb4c1a36bf0df429
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924552
content-disposition
inline; filename="5935-8b37af2f9a4374c6.js"
x-vercel-id
gru1::mccrn-1693926697626-dab34bc62cca
server
cloudflare
x-matched-path
/_next/static/chunks/5935-8b37af2f9a4374c6.js
etag
W/"e24d4d770e265a080b7e45dbd2013b50"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4c9f4d93-FRA
8852-cb6876ee41f3648f.js
www.dailyfaceoff.com/_next/static/chunks/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8852-cb6876ee41f3648f.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b38b7f9c7847bf7cbafc5d23579e6604b26ef0cacdb6910074734d576ba4db1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1766205
content-disposition
inline; filename="8852-cb6876ee41f3648f.js"
x-vercel-id
gru1::84dnv-1695328828290-9d1c7014537e
server
cloudflare
x-matched-path
/_next/static/chunks/8852-cb6876ee41f3648f.js
etag
W/"c4377bd48371f549a140c5f309b2f4f4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4ca14d93-FRA
6932-fb9f10300a0440b6.js
www.dailyfaceoff.com/_next/static/chunks/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/6932-fb9f10300a0440b6.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461d9d9ddb4829b826ede451b55580827053e6b4ec75b2c44fce2673e5b75fdd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
591578
content-disposition
inline; filename="6932-fb9f10300a0440b6.js"
x-vercel-id
gru1::qm4jl-1696950962789-0f6956ede05a
server
cloudflare
x-matched-path
/_next/static/chunks/6932-fb9f10300a0440b6.js
etag
W/"6e1c14d49c1a4dc5791dafaeeb5a5063"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4ca34d93-FRA
8715-829ce80c7175ab12.js
www.dailyfaceoff.com/_next/static/chunks/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/8715-829ce80c7175ab12.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e1d50b07a89e8f38a392ade671edd2fc8600a511745b877df5d4f0ba5997ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
590772
content-disposition
inline; filename="8715-829ce80c7175ab12.js"
x-vercel-id
gru1::jbv7f-1696951283321-37543f13ea78
server
cloudflare
x-matched-path
/_next/static/chunks/8715-829ce80c7175ab12.js
etag
W/"57ea8f61f10a35f06f60914dd52829c0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4ca44d93-FRA
%5Bslug%5D-ab23c5c8074ca39e.js
www.dailyfaceoff.com/_next/static/chunks/pages/news/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84bde1fe730fb30eb7ec5f5d358d16f9438ee40309e57e20bf93a2f86b3b732
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
591578
content-disposition
inline; filename="[slug]-ab23c5c8074ca39e.js"
x-vercel-id
gru1::jbhp5-1696950964263-f3dc53677876
server
cloudflare
x-matched-path
/_next/static/chunks/pages/news/%5Bslug%5D-ab23c5c8074ca39e.js
etag
W/"03e31903743ef15b7ffa27f8b945b4e4"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b4ca54d93-FRA
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 00:59:44 GMT
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
38192
x-amzn-requestid
92a47c02-9f9b-4066-a033-d396cd83bebc
x-amzn-trace-id
Root=1-652ddc80-76d477ca57c090c90362880b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
M69kFFg3DoEEcCQ=
content-length
30
x-amz-cf-id
L83XdSpqGhSba7dEoZXsaCrBnfH8nisa-NFYTa5WuaScIaQZOwpx0w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 17 Oct 2023 11:36:15 GMT
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-apigw-id
M8aziGRNDoEEgLQ=
x-amz-cf-id
4xkXCcGTbsjlJpMizeqBGl0Xf1_NRb0G5CFKmeBVSsgvoxL51nE0zw==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
5592803d-be61-4368-809b-6d62fa5e3962
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dailyfaceoff.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 17 Oct 2023 11:36:16 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-apigw-id
M8azjESIDoEEfIw=
x-amz-cf-id
u2SO6aKfzXbfZ9Wx2-KlJ0DIvXGlrK5PoSOVUW6GXcSkvfp5RLUCzA==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
c2283d9a-d886-43c1-94cd-167f1ebbd500
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ Frame 4DB9 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 00:59:44 GMT
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
38192
x-amzn-requestid
92a47c02-9f9b-4066-a033-d396cd83bebc
x-amzn-trace-id
Root=1-652ddc80-76d477ca57c090c90362880b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
M69kFFg3DoEEcCQ=
content-length
30
x-amz-cf-id
-hulaBX-xbBnstNHU1HzJhYu7rEb3DvklyXeOQKYo-xEZ3-pedpGLw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
%5Bslug%5D-2635201f122569af.js
www.dailyfaceoff.com/_next/static/chunks/pages/authors/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/authors/%5Bslug%5D-2635201f122569af.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e84b67a398f8d17749346578d2a7c710c05ba6dab88e499691729a250297fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1760500
content-disposition
inline; filename="[slug]-2635201f122569af.js"
x-vercel-id
gru1::8vlgv-1695683991885-99ac604788cb
server
cloudflare
x-matched-path
/_next/static/chunks/pages/authors/%5Bslug%5D-2635201f122569af.js
etag
W/"c3bbf595593e835fbea4009da776470f"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cbf4d93-FRA
%5Bslug%5D-4f9a06131d4354e0.js
www.dailyfaceoff.com/_next/static/chunks/pages/categories/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2046d0dffaaff13d278ded237ca0480d379f691f8c46017da3d383736d50e23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924551
content-disposition
inline; filename="[slug]-4f9a06131d4354e0.js"
x-vercel-id
gru1::sgxjq-1695710442719-48996a25e66b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/categories/%5Bslug%5D-4f9a06131d4354e0.js
etag
W/"740547ad66f265974028a58ecf8e219f"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cc14d93-FRA
teams-39d84c01efe361c5.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/teams-39d84c01efe361c5.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d94a22970df2a98d64662d138f8b6f1a5daa5782171d5de312fd06a850d9f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
6189508
content-disposition
inline; filename="teams-39d84c01efe361c5.js"
x-vercel-id
gru1::6h5hx-1691351101531-a2b9c4bdfb5e
server
cloudflare
x-matched-path
/_next/static/chunks/pages/teams-39d84c01efe361c5.js
etag
W/"d17e5b4e50ef3573be47d9477cc64ac2"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cc44d93-FRA
374-afa99051b8f32278.js
www.dailyfaceoff.com/_next/static/chunks/ 		90 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/374-afa99051b8f32278.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97c1f41fd7fe19224ec65bc340835a8901df80a9136bb26b9aa2549293f9585
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924551
content-disposition
inline; filename="374-afa99051b8f32278.js"
x-vercel-id
gru1::g6fcp-1686746230966-2f31326fcbca
server
cloudflare
x-matched-path
/_next/static/chunks/374-afa99051b8f32278.js
etag
W/"79f85b1db20e67f4343d8a6733d99904"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cc64d93-FRA
878-2455321700c408f9.js
www.dailyfaceoff.com/_next/static/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/878-2455321700c408f9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65534fdafbad9cb1acca833772bc23a5d03e1a89f1ae44f34699b522e023a11e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1801754
content-disposition
inline; filename="878-2455321700c408f9.js"
x-vercel-id
gru1::ck8tk-1695683989238-0ec26c7549ec
server
cloudflare
x-matched-path
/_next/static/chunks/878-2455321700c408f9.js
etag
W/"5b098f564887aced852856f218635be0"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cc74d93-FRA
%5B%5B...date%5D%5D-a74aa9694d5b8077.js
www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a7f1daf10f16f2e3e0b95440ffe6d0f1fe0b2f9f8c94d5a0158a266553f878
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
566354
content-disposition
inline; filename="[[...date]]-a74aa9694d5b8077.js"
x-vercel-id
gru1::vj9dp-1696975531369-acddbf8e89c1
server
cloudflare
x-matched-path
/_next/static/chunks/pages/starting-goalies/%5B%5B...date%5D%5D-a74aa9694d5b8077.js
etag
W/"e5f481a3ed6a71a71004c4bd6062fc75"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cc84d93-FRA
4151-9e344b2b9cae2770.js
www.dailyfaceoff.com/_next/static/chunks/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/4151-9e344b2b9cae2770.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d262d92e543246a595d1b20ad250ffc44d0a4efc568d42c4dc39cb36bcc65e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
630694
content-disposition
inline; filename="4151-9e344b2b9cae2770.js"
x-vercel-id
gru1::mkj9x-1694128394807-0162f6d5ee8e
server
cloudflare
x-matched-path
/_next/static/chunks/4151-9e344b2b9cae2770.js
etag
W/"f3199da89ac97ea9259d3a8d2ac83f8e"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b5cc94d93-FRA
nhl-weekly-schedule-bac0295831efb757.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		414 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faeeb447489a22cb3134f5801c870b878a0ffb3d159b7c25d3d591c8ff4aa36c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
1803119
content-disposition
inline; filename="nhl-weekly-schedule-bac0295831efb757.js"
x-vercel-id
gru1::v4qqq-1686742631797-4df456b677c8
server
cloudflare
x-matched-path
/_next/static/chunks/pages/nhl-weekly-schedule-bac0295831efb757.js
etag
W/"59330b45e2f3cbcfa841df73b8ee8cbd"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b6ccb4d93-FRA
5761-ac0d245560f2ff39.js
www.dailyfaceoff.com/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/5761-ac0d245560f2ff39.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce76230f57c0a5804fe4a894fdc4dc763019463eb7fb545e3f75fe5df7f2572e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
924551
content-disposition
inline; filename="5761-ac0d245560f2ff39.js"
x-vercel-id
gru1::rj8qc-1692204383543-ba30d33970da
server
cloudflare
x-matched-path
/_next/static/chunks/5761-ac0d245560f2ff39.js
etag
W/"83c50bee50173b8347bcbab533cae47a"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b6ccc4d93-FRA
%5B%5B...params%5D%5D-795bc57b69ba0e69.js
www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3b7a345b18da5b6360c15ddca29408d6883d8b701933ccd87aade7cf013650
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
3737217
content-disposition
inline; filename="[[...params]]-795bc57b69ba0e69.js"
x-vercel-id
syd1:syd1::gc8nt-1683565450942-0c6f25c4e39b
server
cloudflare
x-matched-path
/_next/static/chunks/pages/hockey-player-news/%5B%5B...params%5D%5D-795bc57b69ba0e69.js
etag
W/"af9da9f039217d60eaf6f803c8c41149"
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b6cce4d93-FRA
projections-55fc3d09697af711.js
www.dailyfaceoff.com/_next/static/chunks/pages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_next/static/chunks/pages/projections-55fc3d09697af711.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d3bb19645c6af96a0180f8eb4067f9133d372c078877ff2bc4ee006ed636a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
age
590076
content-disposition
inline; filename="projections-55fc3d09697af711.js"
x-vercel-id
gru1::9nsms-1696950965033-7c7e56b33621
server
cloudflare
x-matched-path
/_next/static/chunks/pages/projections-55fc3d09697af711.js
etag
W/"9ac59e13eaed3ad159a8f5e412c5782d"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
81783e2b6cd04d93-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88f6f7717c4c0799d40ce3e5f85b442c726644504e27317e87309f49d6a5e523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12281
x-xss-protection
0
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=294
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 17 Oct 2023 11:36:15 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
rum
www.dailyfaceoff.com/cdn-cgi/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
81783e2c0dd24d93-FRA
rum
www.dailyfaceoff.com/cdn-cgi/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.dailyfaceoff.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
81783e2c0dd34d93-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4DB9 		361 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Tue, 17 Oct 2023 11:36:16 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQ5JaNypaZypyRcoWU9MTY5NmU0MwU3NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE4LwAhNTx5Ml43MCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUlZTpkYWU3N2RxMvZ2SW1jT3Bjo3J0qW5cqHyNqWk0nXBfnWVlPTUzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY5NmU0MwU3NwAmOSZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTJyNmFuZWNvMzMmJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5xYWyfrWZuY2ViZzYhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZCZjrGyxPTIjNmM3ODQmMt==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
yetCIQkD8HOsMJem2azKTxTvBGFmZ3v0E07cNBn-bTLikAixexIdvA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 11:36:16 GMT
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 1AA6 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
56833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 19:49:03 GMT
expires
Tue, 15 Oct 2024 19:49:03 GMT
last-modified
Tue, 10 Oct 2023 20:31:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 4DB9 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Oct 2023 11:36:16 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8B56 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 17 Oct 2023 12:16:40 GMT
web-vitals
www.dailyfaceoff.com/_axiom/ 		2 B
217 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dailyfaceoff.com/_axiom/web-vitals
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/_next/static/chunks/pages/_app-88d8344fa26c758c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:337b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
x-vercel-id
fra1:fra1:fra1::iad1::phz7h-1697542576343-6a0792f784a5
server
cloudflare
x-matched-path
/api/v1/send
etag
"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-vercel-cache
MISS
content-type
application/json; charset=utf-8
cache-control
public, max-age=0, must-revalidate
cf-ray
81783e2e08664d93-FRA
content-length
2
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A43 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 11:18:00 GMT
expires
Wed, 16 Oct 2024 11:18:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6562 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2da32305d69a8118e52bc7c6f39dd8b447fa8614d03e6f6bd5e69d43c00413f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vgeg-e6YOzjmPZGLjXyWqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vgeg-e6YOzjmPZGLjXyWqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 11:36:16 GMT
expires
Tue, 17 Oct 2023 11:36:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ Frame 1AA6 		156 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F63317524%2Fdfo%2Fhome%2Fvideo&description_url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&env=vp&correlator=3033068367699183&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=670x338&unviewed_position_start=1&ad_rule=0&cust_params=player%3Dprimis%26tagID%3D%26postID%3D%26prmsig%3Dwdvsfe&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4099075284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=155EB0E0-28D9-4635-A780-CA096C6D96EF&nel=0&eid=44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401&ref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dt=1697542576574&cookie=ID%3D3954b811085f6238%3AT%3D1697542575%3ART%3D1697542575%3AS%3DALNI_Mb2ysbIiRjM2rOdwAqoWjEzn10CRw&gpic=UID%3D00000c9b6368aa34%3AT%3D1697542575%3ART%3D1697542575%3AS%3DALNI_MYZFd3ThzmgfnW_Q8-1qHW8ic8Kgg&scor=2671670068212936&ged=ve4_td3_er584.-2600.737.-2300_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 9A43 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
3978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 10:29:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6562 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310120101&jk=1571044751389707&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 1AA6 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnu90qy0&c=7093309982599&slotId=3546654991299.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c1a::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1AA6 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22671245338%2Ffutbolsites&description_url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&env=vp&correlator=3033068367699183&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Dwdvsfe&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4099075284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=155EB0E0-28D9-4635-A780-CA096C6D96EF&nel=0&eid=44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401&ref=https%3A%2F%2Fwww.dailyfaceoff.com%2F&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dlt=1697542574395&idt=2110&dt=1697542576808&cookie=ID%3D3954b811085f6238%3AT%3D1697542575%3ART%3D1697542575%3AS%3DALNI_Mb2ysbIiRjM2rOdwAqoWjEzn10CRw&gpic=UID%3D00000c9b6368aa34%3AT%3D1697542575%3ART%3D1697542575%3AS%3DALNI_MYZFd3ThzmgfnW_Q8-1qHW8ic8Kgg&scor=2671670068212936&ged=ve4_td3_tt0_pd3_la3000_er584.-2600.737.-2300_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 9A43 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oERcdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prebid
id5-sync.com/api/config/ Frame 4DB9 		135 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 4DB9 		0
0
id
id.crwdcntrl.net/ Frame 4DB9 		43 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
no-cache
x-server
10.45.7.255
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 4DB9 		63 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2f492dedd896bb323681a96fd999c7bb36ada48c44cb618114aaddf4c52d3ec7

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyfaceoff.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 16 Nov 2023 11:36:17 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 28F6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1191
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81783e32f85d5caa-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Tue, 17 Oct 2023 15:36:17 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35A9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28724
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Tue, 17 Oct 2023 19:35:01 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3574 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 17 Oct 2023 11:36:17 GMT
usync.html
eus.rubiconproject.com/ Frame D10C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 11:36:17 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 4DB9
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjE1MjY2MjIzMjMxMzQ1MjYwMA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEMytBqbpp3tOOQib57hsIlQ&gdpr=0&gdpr_consent=&google_cver=1
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEMytBqbpp3tOOQib57hsIlQ&gdpr=0&gdpr_consent=&google_cver=1
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 11:36:16 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEMytBqbpp3tOOQib57hsIlQ&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 4DB9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEFtU7KXOMAABaJgpTVCw&partnerid=127&gdpr=0
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAEFtU7KXOMAABaJgpTVCw&partnerid=127&gdpr=0
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAEFtU7KXOMAABaJgpTVCw&partnerid=127&gdpr=0
Date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 4DB9
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTlsWkJCRk4ySzZRVlNVaTRwUlFaSm0yQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDk5bFpCQkZOMks2UVZTVWk0...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=8671380081247465757&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=99l9XERowh8QfeOLOO03RYm6Q&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=2152662232313452600&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Protocol
HTTP/1.1
Server
52.203.124.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-124-67.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:18 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 17 Oct 2023 11:36:17 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 4DB9 		95 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
date
Tue, 17 Oct 2023 11:36:08 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
rtb-csync.smartadserver.com/redir/ Frame 4DB9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
v1
match.sharethrough.com/sync/ Frame 4DB9
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2152662232313452600&gdpr=0&gdpr_consent=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2152662232313452600&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.120.99.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-99-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2152662232313452600&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PugMaster
image6.pubmatic.com/AdServer/ Frame 35A9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29828685&p=159835&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6cd219d058e1246d680abe1e479717a78070ea68f90b4f1cf5dc75f8891e1634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
lb.eu-1-id5-sync.com/lb/ Frame 4DB9 		33 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
d8f479be0f290b16610cc408f9d6b00831777c4428393749e171dce1affb6972
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame 10CC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c17b64bf309d03a7891930cc768cb1762b5e7d2a26135d36dac9bfdd349ccc5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81783e338d288fd6-FRA
content-encoding
br
content-type
text/html
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LYV9dnMaFZZqwltGkePqpFfZcbhbuD0%2B4mH4q5%2F1JvPfCXlo74oiwczyzqmp2naISdx5q%2FReX7U9eNlAdz7EoIGpsXLI4SVmrEdVXL8BUD3TXPx6QZTGQtbb%2BTHEySsvkCU4u5F%2FO2YFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81783e334af19c01-FRA
content-length
0
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jbelhTcULYvOLP5%2BMuGVIJvx0Z%2BNM6ixqGJenYlSttj%2BmDQw2FwUb8g0cY2JfsJGesj2GJZkwO0%2B29HunTv6bvWxIf3q8E%2BS0eyLbZK6vNBvSeOFGOD2%2FRTy83xXzBatO53dMDFgOG76w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame D10C 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38867
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:04 GMT
csi
csi.gstatic.com/ Frame 1AA6 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnu90r6b&c=7093309982599&slotId=3546654991299.5&ghmsh_eids=44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604%2C44802401
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c1a::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame F525 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Tue, 17 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
176482
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7660
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 17 Oct 2023 11:36:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SDWKN9PWCC5PVZPC94HW

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 17 Oct 2023 11:36:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
7W0K29P7F8YMZG370JHA
Pug
image2.pubmatic.com/AdServer/ Frame 81A9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E
42 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame CA2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5130431364717863033&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5130431364717863033&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a0e46112-1bea-41f1-a76d-ea5a9fa80f16
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5130431364717863033&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6600
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290889851789899929&gdpr=0&gdpr_consent=
42 B
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290889851789899929&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 17 Oct 2023 11:36:17 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7290889851789899929&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 6E35
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d27eedfc-2b1a-4f43-8a75-8f70d1878a8d&bsw_param=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 17 Oct 2023 11:36:17 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=61b332c0-a4cf-4dcd-8b4d-32d60cc776c1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 6F48
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 11:36:17 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3WHKtLK1WEJpSw7vaYLmTLKi0Y0&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame BAAD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 11:36:17 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6DCC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZS5xsQAAAtA15AA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230127-FRA
x-timer
S1697542577.366151,VS0,VE98

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 17 Oct 2023 11:36:17 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZS5xsQAAAtA15AA4
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230127-FRA
x-timer
S1697542577.232390,VS0,VE98
Pug
image2.pubmatic.com/AdServer/ Frame 824A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFbHNFN0tYT01BQUJucU1nT3Vtdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAElsE7KXOMAABnqMgOumw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2152662232313452600&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAElsE7KXOMAABnqMgOumw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2152662232313452600%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2152662232313452600&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAElsE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAElsE7KXOMAABnqMgOumw&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAElsE7KXOMAABnqMgOumw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 17 Oct 2023 11:36:17 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAElsE7KXOMAABnqMgOumw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 246C
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 17 Oct 2023 11:36:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame DA08
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8e62b9e17dc948efbdd9a25309a01439
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8e62b9e17dc948efbdd9a25309a01439
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU8e62b9e17dc948efbdd9a25309a01439
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame DDF5 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 17 Oct 2023 11:36:17 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame B156
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2054724883715796864
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2054724883715796864
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2054724883715796864
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame B54F 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 17 Oct 2023 11:36:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame CCED
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528278355321
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528278355321
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 17 Oct 2023 11:36:17 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528278355321
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame A640 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 17 Oct 2023 11:36:17 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-68adb9af4f5c@version_1.573
X-core-time
1ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame 5399 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 7044
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=df7f5c1e2962007c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMTMVjbnXRUXaaTj&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMTMVjbnXRUXaaTj&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMTMVjbnXRUXaaTj&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QSt-nLHhSeKTsXMJQZQjlw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=28724
accept-ranges
bytes
content-length
5606
expires
Tue, 17 Oct 2023 19:35:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 35A9 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.230
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 35A9
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=349801253
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=412B7E9C-B1E1-49E2-93B1-730941942397
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=412B7E9C-B1E1-49E2-93B1-730941942397
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
via
1.1 google
last-modified
Tue, 17 Oct 2023 11:36:17 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=412B7E9C-B1E1-49E2-93B1-730941942397
date
Tue, 17 Oct 2023 11:36:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 35A9
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=412B7E9C-B1E1-49E2-93B1-730941942397
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTlsOVhFUm93aDhRZmVPTE9PMDNSWW02UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8671380081247465757&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.203.124.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-124-67.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:18 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 17 Oct 2023 11:36:17 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 35A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDEyQjdFOUMtQjFFMS00OUUyLTkzQjEtNzMwOTQxOTQyMzk3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 35A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELzPM4pg7e9F5keSnC69Icw&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELzPM4pg7e9F5keSnC69Icw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELzPM4pg7e9F5keSnC69Icw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 35A9 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 16 Oct 2023 11:36:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 35A9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8671380081247465757
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8671380081247465757
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:03:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8671380081247465757
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 35A9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
412B7E9C-B1E1-49E2-93B1-730941942397
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 35A9 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/412B7E9C-B1E1-49E2-93B1-730941942397?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 35A9 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=412B7E9C-B1E1-49E2-93B1-730941942397&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 35A9 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 17 Oct 2023 11:36:16 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 35A9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7859527669293716082&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7859527669293716082&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7859527669293716082&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 35A9 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 35A9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:05161ac6-3f95-4080-a37c-35ca8a8f0813&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:05161ac6-3f95-4080-a37c-35ca8a8f0813&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:05161ac6-3f95-4080-a37c-35ca8a8f0813&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 17 Oct 2023 11:36:18 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 11:36:17 GMT
khaos.json
token.rubiconproject.com/ Frame D10C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
212.json
id5-sync.com/g/v2/ Frame 4DB9 		276 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
2007bf0cf56f4157d707dddf4ed02dd7415a112d7644456d79a239af40c8b451
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailyfaceoff.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyfaceoff.com
date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dcm
s.amazon-adsystem.com/ Frame 10CC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 11:36:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AY2RJJ10PXQHGXPWKXSH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 11:36:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RMEGBEHT54433EHSWW6T
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 10CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFzvR96qGKS0lq65JFHsdho&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFzvR96qGKS0lq65JFHsdho&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9Tl5IVP7sGepHSBiPVvB%2BCM8mERUznMmsoUYq9sqgBEEAgOHTJNq7%2FpM9dyG9qLaHjxHuBGoxQFoYc2G0UIQmtyssRVYpdSUxSOepOQ%2FCVjAOEyzs8o7g%2BGtnZ1TPoT4a2rW5h0cLDfAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e347e3e8fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFzvR96qGKS0lq65JFHsdho&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 10CC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 10CC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZS5xsZdnmBoXPAoh6YOmnQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgDqFBfa9fWLIdK0HYaM1Q&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgDqFBfa9fWLIdK0HYaM1Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfHI3TsMPSaOuKiNp63%2BEsHk%2FjG69TlvFvdc663ptcJqTigyrPfIrpmQA4X9sA8WVnt3EpsSX9Rdarw1JroGctPYDh%2FxVqj%2FuRMBfFtpD49s5vIihkJmW3%2BIDUIpGTmnocJE24afjAQALQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e34be6b8fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgDqFBfa9fWLIdK0HYaM1Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 10CC
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=50dca7c0-4937-00e0-bf9873e8
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=50dca7c0-4937-00e0-bf9873e8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAVXksQqldUYX0fGk9Za4Dugj7%2BIBshZWHfwg5b1mNzXH6TLHhtddNjnfPi0%2FyN7f19lTohfy0N1j34EYUXEvZFntfyr3KDGU16kWU7RA6NQ6uFfDEcMA6M2Qas3wYL12n%2BFT3Xj"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e356e1a9c01-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 17 Oct 2023 11:36:17 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=50dca7c0-4937-00e0-bf9873e8
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 10CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3WHKtLK1WEJpSw7vaYLmTLKi0Y0
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3WHKtLK1WEJpSw7vaYLmTLKi0Y0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFt6PKLPmD%2Bf4ZV5X4%2B3sXgnlLZ2fzGmq1p6ngtY6gicL%2FY%2BG8c8hGPLCxwOynqtSv3fa9Sbwgw4CZxeH7TvlhlijTZAfxfjEqsUVU742p4gBXFwwfHaVj5SUbq8j1QTT%2BjLqT1k%2Bno3cA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e36e8858fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=3WHKtLK1WEJpSw7vaYLmTLKi0Y0
Date
Tue, 17 Oct 2023 11:36:17 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ie
match.prod.bidr.io/cookie-sync/ Frame 10CC 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.23.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-23-16.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 10CC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S69stfRZVJZcHm0323FNCK8YSrDR136VscNmTJg%2Br3d3UCDeNxxXpn738T7lcQnhx6Ww9MH90gjQLrD%2FXyGyPK3CFKvLH3VyYfv6TrsddOGNOvLi%2F2u2jk%2BRdGMyI5DiBurWyvM2quMvAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e36c86a8fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 17 Oct 2023 11:36:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 10CC 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZS5xsZdnmBoXPAoh6YOmnQAA%265133
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
47999
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81783e3429b85caa-FRA
content-length
43
expires
Wed, 18 Oct 2023 11:36:17 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY5NmU0MwU3NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEmNwp4JaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXq3ql5xYWyfrWZuY2ViZzYhY29gJaN1YxyxPXq3ql5xYWyfrWZuY2ViZzYhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lYTAjJTNBYmx4JTNBMwA1MCUmQWEjMDpyM0ElJTNBJTNBMTQzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE4LwAhNTx5Ml43MCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwUlZTpkYWU3N2RxMvZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwx3NTQlNTp3MmE3JaVcZD1TZWgcozRiU1BfYXyypwY1MzU3MWFyY2IlYmMzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzRunWk5ZzFwZW9zZv5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9MTM0ODp1MmQ5Mt==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:16 GMT
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
gqQkGpcgcOIdgc_qZkUrWnT_Ojzx4JaeIROouzfw9VJobtgejJSjqA==
syncframe
gum.criteo.com/ Frame 1620 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dailyfaceoff.com
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 11:36:16 GMT
server
Kestrel
server-processing-duration-in-ticks
293101
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 11:36:17 GMT
sid
mug.criteo.com/ Frame 1620
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dailyfaceoff.com&sn=ChromeSyncframe&so=0&topUrl=www.dailyfaceoff.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=azog33wxeDVySWpzRzl2R0pOSE9YZHVhTHZsZVgzVGNxSUx0bGt1eitacU5VeVBZTnRVUzgvckF5NzB6bkNEN1h0WUR3RUc4VUlBSHNudTlFOTlETjV5cE0wNW1vamhHaHFoWmRCRG5WSy9qZkJTOG1UbkZWYmNwWWwvaT...
459 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=azog33wxeDVySWpzRzl2R0pOSE9YZHVhTHZsZVgzVGNxSUx0bGt1eitacU5VeVBZTnRVUzgvckF5NzB6bkNEN1h0WUR3RUc4VUlBSHNudTlFOTlETjV5cE0wNW1vamhHaHFoWmRCRG5WSy9qZkJTOG1UbkZWYmNwWWwvaTQyNWQxWllGdW5PdjhTWDliblNjSDZLaWo5WTlkS01BNXFSZllCWWYrbkxCdHBaSnljV2tUYzNVV1NEdFBNTEZHRTFVcmo1L1Q0OFVocXgwelVSeEgyYmtvWUY2OUx4NzArRSsybExHcVhxZnNxY043Rnk2NE84cmQxak0rd1Q3a3pHWkdQK2ozM0hrZzJ5bGVUeGNaOXpMR3dQZ2xtZmtjWkkvazdDbXJGc3gyaDBLTXRWdz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b906493971191851c7fa6075c0854dc68951d4a82e01498b7ce4e39f0402d231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2197921
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=azog33wxeDVySWpzRzl2R0pOSE9YZHVhTHZsZVgzVGNxSUx0bGt1eitacU5VeVBZTnRVUzgvckF5NzB6bkNEN1h0WUR3RUc4VUlBSHNudTlFOTlETjV5cE0wNW1vamhHaHFoWmRCRG5WSy9qZkJTOG1UbkZWYmNwWWwvaTQyNWQxWllGdW5PdjhTWDliblNjSDZLaWo5WTlkS01BNXFSZllCWWYrbkxCdHBaSnljV2tUYzNVV1NEdFBNTEZHRTFVcmo1L1Q0OFVocXgwelVSeEgyYmtvWUY2OUx4NzArRSsybExHcVhxZnNxY043Rnk2NE84cmQxak0rd1Q3a3pHWkdQK2ozM0hrZzJ5bGVUeGNaOXpMR3dQZ2xtZmtjWkkvazdDbXJGc3gyaDBLTXRWdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
282010
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310120101&jk=1571044751389707&bg=!jY6ljsHNAAbFpEfJ5aQ7ADQBe5WfOCakqfMBSRuHjcl4o_B1MhAZY9cuBGy-ukxuDKA4_hHtpzAwcEpaRnFrM_cs2zZkAgAAAKFSAAAACGgBBwoAQoJsPiLbaoX0UcKnYIu_lRtKDwWtwic-CJCFqx3p31y0YeIURHIr8NmukJygbPJ5UkcNoMqwbLMeMfwLtQG494LA6ZkC--ecvX1FXJF2dpR_ADiJUV-sR3oVkUMyx5LVJw4dWRf_I2garRkzmN6-_FDp0KNdcmlXoPek8SawhXPqjZw3ZpI2JpqCd_PKBtCgDZa-363ei7LEzyxigPJlAITNvjDjV6mD1rR7j7_Lq68i879fAydPzbzCJUg1Jul1VEwnbqwbaYuCz1YLd3JhERfC8Xbov1h5Nrn8jbN8T-q-uBXbI9KkUBgcBeHOuaZwJNiYbdnEZQBWuB-b1hjdIeh_5h5wdWE7tNpFfpW2-x6tQ2sq_iIqDmQ8X-sdQ2n3tzp8Xy5Lr2D1Ro2fxH-a6YOMSvuZXXr6VbhAGZgCU6HQoR1Ew64QtK7SGz7HTQhQu0WoA_ervY1ZLo1VRfGI0sKqwdoLNGpzUZ9ezLhrzoC4FFutuAbHgzwLUsBJUF-AREB2dAVgr8fqdNufUJWVyN1XWeq9FapKX_i0mkKdBq4s1Ii6WB2ZLQi-zMXxPF6ZHX-ASGRtnQXnBvTw9SRg39aw-kM8ds0oz3egCdEQhcI8Bkc-AvqnW-gFRov5OglTFRGBzJiav6WtTRVOSqvJm1pnK7SA_MDwrJ8ow7QX6T2ZzU2FLOfA5mqyKfWtZE8OYliEZVg_85yPXSk2ZXs09vHadtYwucPXV0M3723lZKTyUSdv_Y5G8afOHwd9OIYJdEGjeLtk-bjFAto7v1-OGKIQ_kGVHxBUlWk2FdZaCKXPjjagBocb1s7fuyEs9PKVMvsBrQy1E0532UX4Dcnbci1zlM4vmnSlCvxP0aJKDxNOA5q98Ys9ZX3SR4mgiM4oDH9-87TNz-AnARjzKyD60NLqBk11aKWz6sPAeZehb2ADJ7W895-lfAe1axwTvbYknjVdTtkp1d6utjMj0ZUbS4AosVu2cK2hILu-iEnOGO0_r2b3v1zHqilpLnWrbERZaNbJSHONq25KWqU7qQbJhlNzNIT4iBbiJM8-_yd3tPXT86aSeUu_YfLeYURkPw13jvAcsvDzZeUeUz1r1FfcCo4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame C8B8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 Oct 2023 11:36:18 GMT
ETag
"623de86a-cf34"
Expires
Wed, 18 Oct 2023 11:36:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8623 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 Oct 2023 11:36:18 GMT
ETag
"623de86a-cf34"
Expires
Wed, 18 Oct 2023 11:36:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1737 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28723
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 17 Oct 2023 11:36:18 GMT
expires
Tue, 17 Oct 2023 19:35:01 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
futbolsites-d.openx.net/w/1.0/ Frame 25EB 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futbolsites-d.openx.net/w/1.0/pd
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 Oct 2023 11:36:18 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 7556 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 17 Oct 2023 11:36:18 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 7837 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 11:36:18 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5006 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 17 Oct 2023 11:36:18 GMT
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 98D4 		61 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=9740364049
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 11:36:09 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
ixmatch.html
js-sec.indexww.com/um/ Frame C541 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.dailyfaceoff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1192
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81783e3a88d35caa-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 11:36:18 GMT
expires
Tue, 17 Oct 2023 15:36:18 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7837 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 11:36:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 22:24:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38866
Connection
keep-alive
Content-Length
10838
Expires
Tue, 17 Oct 2023 22:24:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F054 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21c3df421f3da1845d174634a267b4afce68cca9be61101b715f79f93bd2f09

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81783e3aec778fd6-FRA
content-encoding
br
content-type
text/html
date
Tue, 17 Oct 2023 11:36:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bYTjgdsgZF9Cp6syIXb%2FwGZsYLmv2IWPsqhPoD7IWlmhoEEGtSdwX5oCgobDDhwyk4CNo3TL3nsw%2FYQlBrQWc3tRwKoTpyZK%2FTWIeI3uM2kLOBm4Jvvcu8j71LCL0LhRBKnbA9GA7GVwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 7837 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
async_usersync
ib.adnxs.com/ Frame 8623 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
an-x-request-uuid
721fb557-eb37-4aef-95a3-23cc06076685
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C8B8 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
an-x-request-uuid
da9467b7-9759-4dbf-be9f-464febe41176
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F054 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame F054
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5130431364717863033
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5130431364717863033
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pktmYEwSKO2h4CH202XbTU4bKjlhaAlCw4WBDW9aL8ilx5SWby5xyF34Fv53tOOQMkWf2xEu7Im3RCUvuV%2ByeKAjP6O3%2FBh%2BqCk0zaiAmT%2FA0JlAY9OZT9Wdk5npxMvN1779JDPvUk2Fcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e3b6d168fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
an-x-request-uuid
828447d2-6ab4-4616-9741-f161c0a65ae5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5130431364717863033
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame F054 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZS5xsZdnmBoXPAoh6YOmnQAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame F054
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=frwj8H-4c6RluiimK7o8oiu5c6xlvSClK--972qO
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=frwj8H-4c6RluiimK7o8oiu5c6xlvSClK--972qO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXB9Pui2or7bK%2BCUPLXw0tfIGPkaFJP6NupJfj8trj5R9WdbMsW%2B7cL39EPWFK%2B4i5slB0mfyKh08kuwHvaOFUz%2Be1Yg30uXTO1V1KWGqtMfCA%2BUk8LGs%2Ftp2YwUvCbo3ZbAOQedgqC6VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e3b3cbb8fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=frwj8H-4c6RluiimK7o8oiu5c6xlvSClK--972qO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame F054 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.240.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-240-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:18 GMT
user-registering
ads.stickyadstv.com/ Frame F054 		43 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZS5xsZdnmBoXPAoh6YOmnQAA%265133&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-143.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 11:36:18 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1697542578454059-398
Expires
Tue, 17 Oct 2023 11:36:18 GMT
crum
dsum.casalemedia.com/ Frame F054
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5130431364717863033
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5130431364717863033
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg4z7jg1%2B1VHMsPJcr%2Fl7v6sbwJAGxxaetZI7jMhHpeORkOFhtQc03tK4xvUi2JNfMYK5cYN6bkTgHEzYXrI7FO7cjogWA53SKGsvJFO7h1fmg%2BK%2FGi%2Bi1qIug%2F%2FSmSb3PwukoRh"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81783e3b3cc18fd6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:18 GMT
an-x-request-uuid
ba69841e-1de1-4e4a-844d-495de0829a70
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5130431364717863033
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ix
ad4m.at/ad/sim/ Frame F054 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame F054 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZS5xsZdnmBoXPAoh6YOmnQAA%265133
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dailyfaceoff.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:18 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
48000
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81783e3b29725caa-FRA
content-length
43
expires
Wed, 18 Oct 2023 11:36:18 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 35A9 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159835&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 8623 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:19 GMT
an-x-request-uuid
12cc110c-3004-4329-b1a1-e11fae9d5908
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C8B8 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:19 GMT
an-x-request-uuid
73f24197-e943-4029-88c9-7f6da65beb3e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 35A9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53628363&p=159835&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
552b41a64e95e5b27460c5fc462c11f41ba44bbfe9a2b392464dbf5700c20ff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 17 Oct 2023 11:36:18 GMT
content-length
1676
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 5FA9 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 17 Oct 2023 11:36:20 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame AEA9 		0
0
i.match
s.tribalfusion.com/z/ Frame 31C2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81783e489f101e4a-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81783e473d151e4a-FRA
content-type
text/html
date
Tue, 17 Oct 2023 11:36:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
133
pub
matching.truffle.bid/sync/ Frame 9AD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 17 Oct 2023 11:36:20 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 1E96
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFE09A62A2424248B78519CF53477614&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFE09A62A2424248B78519CF53477614&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 11:36:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 17 Oct 2023 11:36:20 GMT
expires
Mon, 16 Oct 2023 11:36:20 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFE09A62A2424248B78519CF53477614&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 1D26
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1697542580364
  • https://ad.turn.com/r/cs?pid=45&rndcb=4019966294
  • https://sync.1rx.io/usersync/turn/7859527669293716082?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-014427aa-d2be-4854-bab1-5993d0eca415-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-014427aa-d2be-4854-bab1-5993d0eca415-003
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-014427aa-d2be-4854-bab1-5993d0eca415-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 17 Oct 2023 11:36:20 GMT
etag
RX014427aad2be4854bab15993d0eca415003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-014427aa-d2be-4854-bab1-5993d0eca415-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
mw
mwzeom.zeotap.com/ Frame 35A9 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=412B7E9C-B1E1-49E2-93B1-730941942397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81783e473c529a05-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 35A9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=412B7E9C-B1E1-49E2-93B1-730941942397&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=412B7E9C-B1E1-49E2-93B1-730941942397&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=412B7E9C-B1E1-49E2-93B1-730941942397&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:26 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:26 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=412B7E9C-B1E1-49E2-93B1-730941942397&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 35A9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:20 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 35A9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5130431364717863033
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5130431364717863033
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 17 Oct 2023 11:36:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 11:36:20 GMT
an-x-request-uuid
aee17f87-2287-4da2-86e2-1a6025c56d8d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5130431364717863033
x-proxy-origin
178.162.209.141; 178.162.209.141; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1737 		47 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39281058&p=159835&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 17 Oct 2023 11:36:20 GMT
content-length
47
content-type
text/html; charset=UTF-8
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.mp4/ 		3 KB
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0156d40446a204feb67185f4fb1716a31a1a673ed0f7645f815d0873060da186

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 04:33:34 GMT
via
1.1 b2ec1df9e45c0b11d79d727742d0a012.cloudfront.net (CloudFront), 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
LAX3-C4, PRG50-C1
age
25367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 17 Oct 2023 00:41:51 GMT
server
nginx
etag
W/"4e202daf2c14ac4e12b1a42c7a148ff1"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
uq7xW6C2vrGQC-AK5DPMk5zjuvc_Uv--dP29KO-UDTcRcFfOTTju5w==
expires
Wed, 18 Oct 2023 04:33:34 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 35A9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159835&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159835&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:36:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.mp4/ 		277 KB
278 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0916988a5a77c923b73edef667b76cce8ecf377c439aff4f1a40f46351131901

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailyfaceoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 04:33:35 GMT
via
1.1 0b21b287f9977a9610eb12d4a4a21302.cloudfront.net (CloudFront), 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, PRG50-C1
age
25367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
283692
last-modified
Tue, 17 Oct 2023 00:41:52 GMT
server
nginx
etag
"a450bb3db5a43fa31288097b3a3e160b"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
AM23-Qc34dGubMafvMW3_lfqEM4nduntgnze3rTedgtrx3fgZ1ve9Q==
expires
Tue, 31 Oct 2023 04:33:35 GMT
49a73131-3e03-4696-8bc4-5b44220f1166
https://www.dailyfaceoff.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyfaceoff.com/49a73131-3e03-4696-8bc4-5b44220f1166
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.mp4/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
video.primis.tech
URL
https://video.primis.tech/uploads/cn1/video/users/hls/31368/video_63f630bff01fd049643110/vid652dd2090d26c709991530.mp4/w_480_00001.ts

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __cfBeacon object| dataLayer object| googletag object| tude object| tudeChunk object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _comscore function| e function| t object| marfeel object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent538 boolean| pbjsLibraryLoaded object| ggeac object| google_js_reporting_queue object| _aps object| pbjs object| apstag object| pbjsChunk object| _pbjsGlobals object| ADAGIO function| onYouTubeIframeAPIReady object| gaGlobal object| Criteo object| gaplugins object| gaData object| a0_0x1ed9 function| a0_0x3fbb function| a0_0x11be31 function| a0_0x26690a string| optmn_playmaker_publisherName string| optmn_playmaker_timezone object| optmn_playmaker_networkIds object| optmn_playmaker_allowed_domains string| optmn_playmaker_domains_json object| optmn_playmaker_domains string| optmn_playmaker_smst number| optmn_playmaker_smpr string| optmn_playmaker_coladv string| optmn_playmaker_floors_active string| optmn_playmaker_debug boolean| optmn_playmaker_probability_result object| a0_0x7fc9e5 object| optmn_playmaker_auctionResults object| optmn_playmaker_allAuctions object| optmn_playmaker_adunitsMatcher undefined| optmn_playmaker_sendTimeout object| optmn_playmaker_adunitsTracker boolean| optmn_playmaker_auctionSent object| optmn_playmaker_xhttp object| optmn_playmaker_floors_data undefined| optmn_playmaker_floors_prebidObject object| optmn_playmaker_floors_adunitsMatcher object| optmn_playmaker_floors_values boolean| optmn_playmaker_floors_collect_bids object| optmn_playmaker_floors_collected_bids object| optmn_playmaker_floors_config object| optmn_playmaker_floors_allowed_adunits object| optmn_playmaker_floors_disallowed_adunits function| optmn_playmaker_floors_log function| optmn_playmaker_floors_now function| optmn_playmaker_floors_trackInstance function| optmn_playmaker_floors_createAdunitsMatcher function| optmn_playmaker_floors_auctionHandler function| optmn_playmaker_floors_save function| vadopt_floors_get function| optmn_playmaker_floors_set function| optmn_playmaker_floors_set_initial function| optmn_playmaker_floors_set_initial_floors function| optmn_playmaker_floors_init function| optmn_playmaker_probability function| optmn_playmaker_log function| optmn_playmaker_debug_cookie function| optmn_playmaker_fileGetContents function| optmn_playmaker_getDeviceType function| optmn_playmaker_getDomain function| optmn_playmaker_createAdunitsMatcher function| optmn_playmaker_createAdunitsMatcherFromPrebid function| optmn_playmaker_createAdunitsMatcherFromPrebidInstance function| optmn_playmaker_getUserData function| optmn_playmaker_timeoutHandler function| optmn_playmaker_winHandler function| optmn_playmaker_auctionHandler function| optmn_playmaker_getAdunitName function| optmn_playmaker_attachAdunits function| optmn_playmaker_sendResults function| optmn_playmaker_trackInstance function| enableAdPushUpTracking function| optmn_playmaker_init function| _typeof function| isString function| isBlob function| polyfill function| sendBeacon object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| COMSCORE object| ns_p boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing boolean| sekindoFlowingPlayerOn object| lotame_sync_16576 number| google_unique_id object| sas object| apntag object| _ADAGIO object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| PublisherCommonId object| GoogleGcLKhOms number| google_global_correlator object| closure_lm_857255 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_image_requests

113 Cookies

Domain/Path Name / Value
.script.ac/ Name: __cf_bm
Value: fmQdGuT0vb6mIgnuSSKmU2LDFp7xVt05LWyJ2PGuATY-1697542573-0-Ad0HqsAMAtGMraKt1kJ4aHGVPXhwbGfU1ysW43n2iVmI62xBsU4xfTgAXyoQQc+eNCBImOZbkz0kh9lZT4t1C2o=
.dailyfaceoff.com/ Name: _ga_WYFDLPLCRR
Value: GS1.1.1697542574.1.0.1697542574.60.0.0
.dailyfaceoff.com/ Name: _ga
Value: GA1.2.528120714.1697542575
.dailyfaceoff.com/ Name: _gid
Value: GA1.2.816909928.1697542575
.dailyfaceoff.com/ Name: _dc_gtm_UA-2397777-11
Value: 1
.kargo.com/ Name: ktcid
Value: c170689d-fe54-0c38-11d6-ffa924ab0117
.dailyfaceoff.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1697542574%2C%22currentVisitStarted%22%3A1697542574%2C%22sessionId%22%3A%22b239bc96-217b-4f3d-80e5-ac80aa95bf3b%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.dailyfaceoff.com/%22%2C%22referrer%22%3A%22%22%7D
.dailyfaceoff.com/ Name: compass_uid
Value: 02835d68-b2bd-406c-8f7c-24b74b8bdca2
.adnxs.com/ Name: icu
Value: ChkI8vKCARAKGAEgASgBMK7juakGOAFAAUgBEK7juakGGAA.
.adnxs.com/ Name: uuid2
Value: 5130431364717863033
.dailyfaceoff.com/ Name: _fbp
Value: fb.1.1697542574976.405025373
.rubiconproject.com/ Name: khaos
Value: LNU90POC-E-IGP0
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoBM+QNVwSN9C+IXqvPVzt4X6LBWwGzep07cZe5xyGZWZJOnVQ5PttdAyatN2YgQI4eVDFz0mB5ODOAeVvN3U5AWWUd+velUmvXt0g4ihdWDSKPLRELhl3xG7JtXJVTTK0=
events.newsroom.bi/ Name: 294_u
Value: 02835d68-b2bd-406c-8f7c-24b74b8bdca2
events.newsroom.bi/ Name: 294_s
Value: b239bc96-217b-4f3d-80e5-ac80aa95bf3b
events.newsroom.bi/ Name: 294_lv
Value: null
events.newsroom.bi/ Name: 294_ut
Value: 0
www.dailyfaceoff.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 341155=5675736
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 2152662232313452600
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314198804%3B%24ql%3DHigh%3B%24qpc%3D60326%3B%24qt%3D25_1045_122464t%3B%24dma%3D0&c=1&l=999272624&lo=-352220060&lt=638331393756270579&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314198804%3B%24ql%3DHigh%3B%24qpc%3D60326%3B%24qt%3D25_1045_122464t%3B%24dma%3D0
.dailyfaceoff.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1697542574%2C%22userId%22%3A%2202835d68-b2bd-406c-8f7c-24b74b8bdca2%22%2C%22userVars%22%3A%5B%5B%22mrfExperiment_fiveGroupsExperiment%22%2C%221%22%5D%5D%2C%22futurePreviousVisit%22%3A1697542574%2C%22timesVisited%22%3A1%7D
.dailyfaceoff.com/ Name: __gads
Value: ID=3954b811085f6238:T=1697542575:RT=1697542575:S=ALNI_Mb2ysbIiRjM2rOdwAqoWjEzn10CRw
.dailyfaceoff.com/ Name: __gpi
Value: UID=00000c9b6368aa34:T=1697542575:RT=1697542575:S=ALNI_MYZFd3ThzmgfnW_Q8-1qHW8ic8Kgg
.dailyfaceoff.com/ Name: lotame_domain_check
Value: dailyfaceoff.com
.doubleclick.net/ Name: IDE
Value: AHWqTUn3ShZuFLJJvty-MzBrur5Q3Ncx1-un6iPoXMKot4u8Rqkb3UG3rzZnQKkwnOU
www.dailyfaceoff.com/ Name: _lr_retry_request
Value: true
www.dailyfaceoff.com/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 412B7E9C-B1E1-49E2-93B1-730941942397
.casalemedia.com/ Name: CMID
Value: ZS5xsZdnmBoXPAoh6YOmnQAA
.casalemedia.com/ Name: CMPS
Value: 5133
.casalemedia.com/ Name: CMPRO
Value: 5133
www.dailyfaceoff.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-17T11%3A36%3A17%22%7D
www.dailyfaceoff.com/ Name: pbjs-unifiedid_last
Value: Tue%2C%2017%20Oct%202023%2011%3A36%3A17%20GMT
.bidswitch.net/ Name: tuuid
Value: 61b332c0-a4cf-4dcd-8b4d-32d60cc776c1
.bidswitch.net/ Name: c
Value: 1697542577
.bidswitch.net/ Name: tuuid_lu
Value: 1697542577
.quantserve.com/ Name: mc
Value: 652e71b1-393c3-7c0b9-410cf
.adfarm1.adition.com/ Name: UserID1
Value: 7290889851789899929
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7290889851789899929&KRTB&23369-7290889851789899929
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5130431364717863033&KRTB&23339-5130431364717863033
.adx.opera.com/ Name: UID
Value: OPU8e62b9e17dc948efbdd9a25309a01439
.simpli.fi/ Name: suid
Value: AFE09A62A2424248B78519CF53477614
.ctnsnet.com/ Name: cid_0a98c0c189614bae8c87e937a949b435
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 1ccef171-a890-4ad6-a6a0-8611d979d87d
.weborama.fr/ Name: AFFICHE_W
Value: BZbU05DMgkEF84
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAytzA2NTU2MhTiM9TNMY_0c_L2T883rYoAANzLK6AlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAytzA2NTU2MhTiM9TNMY_0c_L2T883rYoAANzLK6AlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmluamJkam5ubGAGAFaASnYQAAAA
.de17a.com/ Name: guid
Value: 1.2054724883715796864
.adform.net/ Name: C
Value: 1
.bidr.io/ Name: bito
Value: AAElsE7KXOMAABnqMgOumw
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZS5xsQAAAtA15AA4
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_d27eedfc-2b1a-4f43-8a75-8f70d1878a8d
.adform.net/ Name: uid
Value: 8671380081247465757
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E&KRTB&19420-XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E&KRTB&22979-XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E&KRTB&23403-XSn8flwtrCpGL_coCC_jLAgsrCJGKP8rCHqN_p1E
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329528278355321
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU8e62b9e17dc948efbdd9a25309a01439&KRTB&23485-OPU8e62b9e17dc948efbdd9a25309a01439&KRTB&23524-OPU8e62b9e17dc948efbdd9a25309a01439
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELzPM4pg7e9F5keSnC69Icw&KRTB&23025-CAESELzPM4pg7e9F5keSnC69Icw&KRTB&23386-CAESELzPM4pg7e9F5keSnC69Icw
.turn.com/ Name: uid
Value: 7859527669293716082
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8671380081247465757&KRTB&23263-8671380081247465757&KRTB&23481-8671380081247465757
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-61b332c0-a4cf-4dcd-8b4d-32d60cc776c1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7859527669293716082&KRTB&23150-7859527669293716082&KRTB&23527-7859527669293716082
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2054724883715796864
.criteo.com/ Name: uid
Value: 76b6a062-098e-4345-a3b3-7921f63eabe9
.onaudience.com/ Name: cookie
Value: df7f5c1e2962007c
.onaudience.com/ Name: done_redirects104
Value: 1
.brand-display.com/ Name: _knxq_
Value: 50dca7c0-4937-00e0-bf9873e8.1697542577.0.1697542577.1697542577
.dailyfaceoff.com/ Name: cto_bundle
Value: XVsFBV9GYXNkU3d6SWtyU0hPJTJCdEdJUUVJSWhxSERJc0JaejJOeHRMNk5tJTJCa20lMkIwNkg0NERPbW9reXVLOTFLQXpVNGFLNzBzVTd3UEZXaFoxTXlkQldzckJnbDF1SjByZEVGVGtWTUFXQ2xvQ3p3UTJqeFFhOFg4eFkyTyUyQiUyRmg1Vml2Z01wdGYzSDd3SndFZWF0bTdyeUNZbnV3MDdWN0p4c0xrbUxlOVEwNTRYVERzJTNE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Ecv7Kmx8QMTMVjbnXRUXaaTj
.audrte.com/ Name: arcki2
Value: 99l9XERowh8QfeOLOO03RYm6Q!20220908!1697542577588!ip#178.162.209.141
.audrte.com/ Name: arcki2_pubmatic
Value: 412B7E9C-B1E1-49E2-93B1-730941942397!20220908!1697542577592
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6d38ca384a5b7df6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd61cab4-b2b5-5842-694b-0eef6982e64c.XDldbsOYBPGfvpokyxVthoI%2FuLDQHVrNp5F7gPfM3pk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd61cab4-b2b5-5842-694b-0eef6982e64c.XDldbsOYBPGfvpokyxVthoI%2FuLDQHVrNp5F7gPfM3pk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3WHKtLK1WEJpSw7vaYLmTLKi0Y0.Q7iEC%2FxdE7MAqi%2FHGjaO9lpPW62SW%2B7i1%2BjKRB7GRiA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3WHKtLK1WEJpSw7vaYLmTLKi0Y0.Q7iEC%2FxdE7MAqi%2FHGjaO9lpPW62SW%2B7i1%2BjKRB7GRiA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIM0O50WgEwgStCgaOClTCBeH7oroycBjFEFUVG-jTGABEHwYBCCx47mpBjABOgTwLrJgQgS623c3.w3rjDwB6Q9mclsfhcxhtboUzycXKMH0GNWWgvzjXiP0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIM0O50WgEwgStCgaOClTCBeH7oroycBjFEFUVG-jTGABEHwYBCCx47mpBjABOgTwLrJgQgS623c3.w3rjDwB6Q9mclsfhcxhtboUzycXKMH0GNWWgvzjXiP0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-3WHKtLK1WEJpSw7vaYLmTLKi0Y0&KRTB&23334-3WHKtLK1WEJpSw7vaYLmTLKi0Y0&KRTB&23417-3WHKtLK1WEJpSw7vaYLmTLKi0Y0&KRTB&23426-3WHKtLK1WEJpSw7vaYLmTLKi0Y0
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAElsE7KXOMAABnqMgOumw
.audrte.com/ Name: arcki2_ddp2
Value: 99l9XERowh8QfeOLOO03RYm6Q!20220908!1697542577746
.amazon-adsystem.com/ Name: ad-id
Value: AwwP3_Y6wU14okDI20oSR_g
.smartadserver.com/ Name: csync
Value: 76:CAESEMytBqbpp3tOOQib57hsIlQ|91:412B7E9C-B1E1-49E2-93B1-730941942397|127:AAElsE7KXOMAABnqMgOumw|141:99l9XERowh8QfeOLOO03RYm6Q
.audrte.com/ Name: arcki2_adform
Value: 8671380081247465757!20220908!1697542577902
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.audrte.com/ Name: arcki2_smart
Value: 2152662232313452600!20220908!1697542577949
.quantserve.com/ Name: d
Value: EMIBEgGaKvijC_vLEA
.yahoo.com/ Name: A3
Value: d=AQABBLJxLmUCEFZxx7xAFT2st6nzHeN5Sp8FEgEBAQHDL2U4ZQAAAAAA_eMAAA&S=AQAAAgVFirz1vPEcTY4eayAIgyo
.ads.stickyadstv.com/ Name: UID
Value: c9cbf6aa468abd683951e9b1caede25
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZS5xsZdnmBoXPAoh6YOmnQAA&5133
.adsby.bidtheatre.com/ Name: __kuid
Value: 05161ac6-3f95-4080-a37c-35ca8a8f0813.466756578
.pubmatic.com/ Name: SPugT
Value: 1697542578
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 159835:4
.pubmatic.com/ Name: DPSync3
Value: 1698710400%3A197_201_245_241_235_227_226_219
.pubmatic.com/ Name: SyncRTB3
Value: 1698364800%3A63%7C1698796800%3A35%7C1702684800%3A69%7C1698105600%3A15_2_223%7C1700092800%3A203%7C1698710400%3A165_204_13_56_238_251_81_161_55_243_214_71_234_22_21_54_254_220_233_88_99_46_176_264_3_8_249_166_196
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: 19c02e09-c692-4862-5557-edb4bfbab053
ads.playground.xyz/ Name: connect.sid
Value: s%3AxOSDYioiyBFBuYA8BL12hH1vGZzOeCa5.ANHxyhmasKnRoWSCCILQZPHSokbQkqyowQW4zPX45FA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-014427aa-d2be-4854-bab1-5993d0eca415-003%22%2C%22nxtrdr%22%3Afalse%7D
.semasio.net/ Name: SEUNCY
Value: A197E9BDCBB98ABD
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-014427aa-d2be-4854-bab1-5993d0eca415-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-014427aa-d2be-4854-bab1-5993d0eca415-003&KRTB&17107-RX-014427aa-d2be-4854-bab1-5993d0eca415-003
.pubmatic.com/ Name: PugT
Value: 1697542578
.tribalfusion.com/ Name: ANON_ID
Value: aHnoeUolXVyQuWxdKZcYOXScHQdUGImuac9NFmmUq

5 Console Messages

Source Level URL
Text
security warning URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/dc19s0tq5ynbc/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.dailyfaceoff.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.dailyfaceoff.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=412B7E9C-B1E1-49E2-93B1-730941942397&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e7ef9ea018f390df08dce2295c1b2a8.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adx.adform.net
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.indexww.com
cdn.optmn.cloud
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dailyfaceoff.disqus.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dn0qt3r0xannq.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.aditude.io
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
futbolsites-d.openx.net
geo.privacymanager.io
green.erne.co
gum.criteo.com
hb.minutemedia-prebid.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
krk2.kargo.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rtb.primis.tech
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
video.primis.tech
www.dailyfaceoff.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
video.primis.tech
104.18.25.18
104.18.26.193
13.32.119.77
13.32.27.122
13.32.99.122
141.94.171.213
141.94.242.204
145.40.97.66
146.59.148.16
151.101.194.49
157.90.211.246
162.19.138.118
162.55.144.218
172.217.16.130
178.250.1.9
178.32.210.226
185.64.189.112
185.64.190.78
185.64.191.210
185.86.138.154
185.89.210.153
193.0.160.131
195.5.165.20
198.47.127.20
198.47.127.205
199.232.192.134
2.19.126.143
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
209.54.182.161
213.155.156.168
216.52.2.39
23.32.184.180
23.32.184.192
23.57.19.78
23.88.17.186
23.88.86.2
2600:9000:2127:b600:1a:5235:f980:93a1
2600:9000:2127:e000:1:6448:6d00:93a1
2600:9000:225e:3e00:19:b6f1:d180:93a1
2602:803:c003:200::51
2606:4700:10::6816:1957
2606:4700:10::6816:337b
2606:4700:10::6816:3c77
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700:20::681a:b4d
2606:4700:3033::ac43:9fa2
2606:4700::6810:3865
2606:4700::6812:1791
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a00:1450:4013:c1a::78
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:12::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::282
2a05:d018:d29:3601:bf41:b326:fa86:2937
3.120.99.213
3.126.233.203
3.65.107.250
3.71.149.231
34.102.253.54
34.111.129.221
34.111.131.239
34.160.19.107
34.95.69.49
35.186.193.173
35.204.158.49
35.214.190.155
35.227.252.103
35.244.159.8
37.157.4.29
37.157.6.233
46.228.174.117
52.203.124.67
52.208.23.16
52.222.208.154
52.223.40.198
52.48.43.143
52.48.84.121
52.57.151.220
52.59.116.26
52.6.137.171
54.84.240.181
54.93.221.31
63.251.232.165
63.33.109.54
64.202.112.127
64.227.64.62
65.9.66.122
65.9.95.63
65.9.95.81
67.220.228.203
69.173.144.137
69.173.144.139
76.223.111.18
77.243.51.121
82.145.213.8
85.114.159.118
95.101.149.233
98.98.134.243
99.86.4.39
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
0156d40446a204feb67185f4fb1716a31a1a673ed0f7645f815d0873060da186
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
0430891bac57eeb358f0ff0a82f1921dec3cc02d5268cb434f624921e5090d59
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06168b0fde6b8c7cc6527eee461185da00c2a68ca5481227d838e1c4be360c60
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d3bb19645c6af96a0180f8eb4067f9133d372c078877ff2bc4ee006ed636a5
073701902be00d56504d8e2bc7fe2a53db57b3b6e9db98fad32a8e1be6520bc9
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0916988a5a77c923b73edef667b76cce8ecf377c439aff4f1a40f46351131901
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0949b11760153c0738da4626c723c271fd551b09ee6113d769ef77b672505286
0ae6c62a2a9c69aa427f3da2c542ce0a6572ec9a24d99c0cbcc27dcee10eeb09
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0f537db4fba13bebc3c7f8d1752311425cea8937a370c0ce854287c1ede9a578
10d94a22970df2a98d64662d138f8b6f1a5daa5782171d5de312fd06a850d9f6
1183702d9e8dc520e570b96477acff7d2aa793cc02f8d5f1e88918039b98e6e3
1400b94e62135a07b8794d3c7974d851cc2e914dc1d0fb93ba7f03c0b189e905
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a4e4a82c770ac4268cf9b26c4310d5e0d99ff06d4f8c184fc9c5b07cadefc85
1aaf040803a2d99ea8aab88d7a828d77c95686ccf1e86a199293a10422cb1bc5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d46e748a88ff7a7d8778dfe7b7e8a1040a855addf48938cde30f750558f2da4
1e415ce18d1c20134aa56944a491f4e954ebf91b77656ebef2433e52cf481265
1e532a00b8ca7c74c61bc5421accdca16a7dcfe1c3ceddcfe3c17a812294838a
1fd10b6dff01533ad0ad1a6d06296c246270001ed05b326d2d377ec219442f54
1fece8d4384980c4d76fad0824b6f75d5a0c42a828523705f2ed422f7c90d6fe
2007bf0cf56f4157d707dddf4ed02dd7415a112d7644456d79a239af40c8b451
21c3b58cbb8ae6c3e6947cd861285e18919de6a5c7d3398f4c42bc7024165727
224dec49965a4bc596215b09bff280e01af7361134187ccbcb09673de47a9715
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
2798c071674d90e75024e00a49cbfe65ec9d66399077a0f8cc4c5f76c7b11c3e
2832f558808222901e9c91f87dfb6906c54cb582f21fc73ab84f89700341b67c
28a22a3757060d4ec2f043ad5697391c3b189408f55395c733db8ddeeef5183e
2a3b7a345b18da5b6360c15ddca29408d6883d8b701933ccd87aade7cf013650
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c0010a8fbbf83764aa1a05b3c986907fa53380147d3f47ff4af44c2d159a008
2d7e08a3e0f9a406c85837097484004fdee5d52ab6020bfbc1053e6c91f32972
2da32305d69a8118e52bc7c6f39dd8b447fa8614d03e6f6bd5e69d43c00413f8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee4ede5a6dd9b01a074874733ec295337c3558bfa33c7608f551b727643b023
2f492dedd896bb323681a96fd999c7bb36ada48c44cb618114aaddf4c52d3ec7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3050a01d9b0d70b35d2f462a6c6ab7b3d9b9557844f2294f3b43265e78f013f5
307eeda9a7e419a9b3054ce11057144870d3632c6fe13fd4d52a004e1131a7fd
30eb0aacc062aefd3b0a20b4aa9749977bae8f1dec9f2a0071480ccdf70e199b
33db68ab9d17ea9fa1a0c8e2291be98094f621f0c12a664384aa4182a5a3715e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374ec0bc6ed4dbe80d5b50ab1df72969a871ee0bf6213c7f6e378144b8702ce3
392a96b73c276b94891523a9ed559cc07c0960e2c067e424d3ad44526c18e612
3b36491a598a385ee55fad7149712befe6be8f47eb58be511e560ee0bb2e3635
3c630caff56d105a020a7b4e6db6086f71075cf7fc742b887b7c0779756cebdc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de7b02c8eb7669f21ac1831b7f1177c51689ffa3bc2175e40f91a90d4868af2
3e033a4b393c5b7ca056fff71007168b3a5fd34b5f4feec2f0fac8069a2e584c
3e3ca049a956dcf79390d6ca118b1b631c705c905a987a1460e8175dc06f12b0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
40ce0f3ea2549c3f5d9f5ea09b35657dea6f262bc6ea24baef5519f1acaf2ea6
40e980a4a328f2f70b23081d7370b55481f143d8926def3ceb63a813b2f0a9c5
413f7ed8973d68791ffe7e8d47c99f8d375eb298cdd40359f70860c2a06956ca
42a944169c62a5c7b75cf16e06f2900e2d293def06ddf1d5be733a2a0de237c1
43baf8a68c78e3ce362d10883fa38bdb429f6d6d62934cfa77177d86fd40ff9c
43d142cc6e7d06b614202a20a57f7087ccd8c9d9a3831b7d2bf661baeb350177
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44555bbe54bd61ebd3bcd2046a94e52fdd95e054ecb24f93c758fb9a7387f531
460f1244842bc6da64dfe2d9a5db61ef9198d54e94b649dea6be76715e7d968c
461d9d9ddb4829b826ede451b55580827053e6b4ec75b2c44fce2673e5b75fdd
466d845199969b74e099d521272075374d5cc1b1c28b94f3f6fa121ff0fe5926
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46eff6bcc80e3b46dc12f0d35d9e6f661ec08341a3789b00567d86bbc171172a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f4b15f78e1cac8e73368f2db1553ef4f7400f7783af07e5628bedbe1f29fc9
4965e3fec4d706f95bfd80b25525119f302403f6177078d967eb9436aa6713e7
4a464f656557d4f3533034f21ce23ce2fd1abfb82a2e43a7e4c7ee51e3fdca57
4aa3741725a3cfac0fde7e55903de1c4b18765636f546bcc8651523e617c3a0a
4c15a309d809cf50f70ede65d48fd8798dccd4d5a120943e896d8dc9afb54d98
4c934569af57e28a7e09b227cc06b07b95257e24af2c663964653f7e001fcf25
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8976123caac495c52812f1d4050252839ac64075cf0c6a5debd6b69a1cad00
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5061a5007eb8d4180f555ba0848d0fe3f87928aec22825c7b76ee82f65fd4ffb
525b7c567855bd59da6838cb6ebb39962ac46c7b38172bfa7ec3309e40fe106c
5388858719c88ab875faebf78af957b7b5bf8a3167f0dbd6dea2ffc90bcb2c1f
547e573970e46265bf2d47f8d1034d2e21f1c03b93ff83215e7b1446d1ad3314
552b41a64e95e5b27460c5fc462c11f41ba44bbfe9a2b392464dbf5700c20ff6
555cddad04eaa840f02fcafa1c68d3ce5abee677493b8ceda0a19647a6fa8d97
555e47039b8cddb3aedea2ae08bf03bb34eeecc3fbc4f39eb0dc488d4cfc3d5b
55745c7aa2981111153462b6995fdb9f12bfe54ae2618ad268ce33a15b2ab09a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
5a92be1a9cd1d6b36e5e9a8405ba52e0048926a2c29b785a1719a7a4f0c04bea
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c9e5ce0644abd7c452d213ec8b1a7eaec2c294f6d5e0e77a5fb9f10104a0f9c
5d267b27ee5f06ff7c3409835a916da8cbfff5f4d0fd4f575d1420c855ff6fe5
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dd2e16e112200f5f23bd3ef0a774e81e4fcd13820025e563a85336108be52a1
5ddaacef0675630a2a572342e0128600deea69299f16e92e739bacea5593194b
5e1fa44b4fac257e3cbf91dbe1cc1b00fdb910253400cd4a6c76aa2adbf02f79
6152eacf337b3719c395520483b472e1743854b60959bd4dc7e553119ac01cf0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62315e238f1c1ec55dfce9202d2ecedd042d968075bc4646bcc3e20edd38c212
6253f92c86b1532015f74b1158231aabab206d83d97ca3f4dfdfa285190e7747
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65534fdafbad9cb1acca833772bc23a5d03e1a89f1ae44f34699b522e023a11e
65dc10bdae421dcbb55ba2750df1d03f818100312c66e891cd89d8401033a795
670ce71834d2a72380141488c80638804e2b68939114e9c7d91af534f76570b5
678a491ab08bb329e7d69f513a779a8271af7aca6c301363d40be06b18db4694
681028a6eee030505da0da1a2644c76fa6c2b8f75e3c0650fd782ca8174e79d8
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
6a64265352b73d13aa9ad12d5e2a303bb4116082641468d8b2cbdf58acac90a1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd219d058e1246d680abe1e479717a78070ea68f90b4f1cf5dc75f8891e1634
6d24e19854f8b2802d7d9c4a93b08ce89ebd2b544bade662b5dd59573969ecc9
6d2f13a01b414123afd25f281e7f06ae7e99e9bc3774f74b8cd8b8a9695f61fc
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
714b7407d185b4c1f3059d9443f90413edd4609012c36baac81d01992f913008
730635c7846c0ad533e40a0449756fd7da38996fca403e31e632af513ce45d10
741108ae832e77a0bfb152fdd2923d055cf45f4332f60b32800c4fa609a90374
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75eabd9a472df95f9aa3d2f91175acb2d70259b839615b1c16b0c2c5b53de7d7
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78520a28519d3275636f6f8a18691b5aa43494ad5b09744f5c3fa8243f9953bb
7906dd8ee5297a81dfb6958ea188e72b1c889b2a162f67077476e2b3dcd43a24
7a1c772e5116f82c381f60efb6a8623a03c8a8bb4b336445cb4c1a36bf0df429
7a8e72a369bf03fbc61694ef3b1a18bd4c356547c5f7b5c5b42bdb9558bd3a95
7bb6870c55ff897a92daa68203aec68eb2495eb2e4abf7c455c10f09106d6469
7beb1d5568b1eb43005f615592c4cec893fee9c3253a6382a5fa7a415cf9bd79
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82ea103961ef4e71b4b7c094f88f3f4ae89f173187949e8557ce7f8023d3a11b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b632e839f13c4fb455359a24dce85719d52da462c88dbb9ee56bdbb31efd9a
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
856b8e5613167bc024c5fd800987c0cd296c9244a1f5eb6e58fe07023c02aca2
881b56c4a6e206151eddb589e69380ac3253d23c469eb64bfddf396056812c43
88f6f7717c4c0799d40ce3e5f85b442c726644504e27317e87309f49d6a5e523
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d98915ed3cb9a5adbc271b167919c3f6d3dbafb4d690cb77c5765998e3dddb0
8f34ecac3d386fee012a25f1d2c000d71bf6ad9e89cdc14175c8a435eaa10804
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9650c2f047b36768b976528d0a79622dd201ffb17c6bdb499f7de288a3e1e9f2
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
978c046fdb87c2a9cb41d0a40c3bea535d73825e9a0ddc6cc9058bd29bcf00d6
97a6aa5981ed49d7d6e0dcd2db03cd401f49a1aa354c2eaae2d91b5950d3438b
97a7f1daf10f16f2e3e0b95440ffe6d0f1fe0b2f9f8c94d5a0158a266553f878
97b2caa8dc8f84c85efa039743ebbc7331fa840f544671544345c601ae88c277
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99238b0a6c6bff884263aa2f2e67be5bd637d5fc36479b60a1a48394f3690f07
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b38b7f9c7847bf7cbafc5d23579e6604b26ef0cacdb6910074734d576ba4db1
9c17b64bf309d03a7891930cc768cb1762b5e7d2a26135d36dac9bfdd349ccc5
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9f9c56a7c59d79218224dc8185844cab70ff499bd5fb65c70318d7d9196f15e2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1818e9f455a694eff3539467735274a6be6d4355a6e47a6545e46d984df0187
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a21c3df421f3da1845d174634a267b4afce68cca9be61101b715f79f93bd2f09
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a39904366a6496fa8d4cbbe0940e1fcacc9be5c2dda2babc7dbc9a1010de098b
a4afd8c5f389d8eee43ec5c60addc04182b51a2e3c78604599991cfa1d19b87e
a5e7b3f06c43bee8771ece00a9916e05a13c3e5e47052559f99c23f5eacf5a27
a79795edd32df5096ab7052f4d9c66d0fd6a5a515ca405792f56d0e334e71734
a7e685bd4d9d9b602daff6f98766e32cedaa9e670d294adde5fc6ce662f2573d
a7f940210c298504bd1016fea7fd79bbbd24f404c0008c5f84b93ab2ff7e56cb
a84a776d6a35ce68c6a7756392b7efd4fd91a867bb90f6eb4843383ad7fc503c
a84bde1fe730fb30eb7ec5f5d358d16f9438ee40309e57e20bf93a2f86b3b732
a8c5ff159e7d983540e9065f29ec868fa182eb199438e25bbf52a4d093682683
a8f69507ebe6d8782fb7f74b1ec740d9ebc2c024c6060d3a1ae9ba93b7b5a534
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa452e455c769c00c3843c4808b006b8d38197fb1a276b5e08e4d3cb7b567581
aa9e8d299e44d5aa8573ffcc1dfea3cc452848bc776af119862d3fadc0f7859b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aeeae94fa372b85b284d9558b7a8f7821ac465daabf20875d3c4ab249474c325
afbf2f12b4f81e325d436613f0994b0a25ce4dea459fd2a5fd20ca5d5b93d7fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1669ee40d0da888d7aab85b9f2fac80be7d241265466d620fe7564b348d2ae0
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b4ca989cec583ed69b2df63c05d91ead25e13201945d9cc0bf9238a1a4d96045
b4e00fc9cfa7db225365e542d39be275242939d77efb176591250bb555692913
b50028fc69adb1ad4565caec02ceebb0f4ce91ba0dffdf76a02baea233272dca
b5d262d92e543246a595d1b20ad250ffc44d0a4efc568d42c4dc39cb36bcc65e
b8881307d303dbc0ccb3cd358c8c59ba19115096fa4f795bec96b8545f5898c5
b906493971191851c7fa6075c0854dc68951d4a82e01498b7ce4e39f0402d231
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbce9e55faefef105f376c2e67be5d31f92b36b5886116471ed7104305316ff9
bc7d230068b72f4b3d826c80852a7648a60f330c265d8f70ed8708297b462c68
be8b3a8b79def8a156c9742d7067fa30d330e272532de61dbdd9368963cd671c
bfbad2c0067696b079a48e1b1bcb35be3c991444fb5d6a1c4445e99ad1cb8a4a
bfcbca5f0ec7aff19873aaa7549b1d707e99341dc955d0a470d2204eb695151d
c1448f297b44adcb68c292708b0f007a149dc2c4ef6b31c155f1929dac9e30d1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c36b426ba3041eaf0bbf7c9230e8feaf7c3e6a9b8a5c3e95b47780332ce87ee4
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca797736334786a7d23226da92bf070d6c6285711943faf6fa543557351b812e
cbaebabbf37e7fe27f629c6e54a77ac7fcd6e143eeb2e686ed741dd9bacb0567
cdb1becbf2264c3a77f14f41764c21db337516c2d14675d05ed01a577dc5f92d
cddbc33ef4d89740249b364ea6dd1081b8d95c2bef32d1f7552821cb44564b21
ce76230f57c0a5804fe4a894fdc4dc763019463eb7fb545e3f75fe5df7f2572e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66783747843242e8a8a75b20e627563b822272062a2aaded03eb3d1ec96337
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0fbb77cd3405dbf120d958704831ca81e7d590b2f78431d20acd9493f124cb7
d2fcc4bdd661e1fae559c19f8991ce9d0de7d1bbab44e23889b9363dc9a142fc
d5c79157f698d9fff2de53f7fef46f905278d53e8ec28be12dcc5945cd0bb753
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d6e19f6dfb0cc5defd6d462aafce266c6f6bed63500aaa26225460ed08dd4ebf
d7549e7c3f4abbad41f0396715b7de38874a14e6c71e5f937433b8d8b7d45442
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d81213e01b51d8d11f09d46a132fd11f9c8c1028e5d3d711254c4c05754623a7
d8f479be0f290b16610cc408f9d6b00831777c4428393749e171dce1affb6972
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
dce5a18666a416281df1156ef890e8fc382ffebd949977c9308a2e19fb0023a2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea1af45519749b943ccd2f61cf6492decf53b8496e507334228fc2c8ec7259a
deaa4eaa5986cd33e8d660c57b98bef4128a237744be61df07c4326e3e485c0d
df1ad039c61ccd20de09cd596ade91f06ca382b502e39b31c2e983f3e20d183e
dfc7613cf6cbe9af2ae4fdd0fa577120b30b135709bf8d03d16496dec9640f69
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e2046d0dffaaff13d278ded237ca0480d379f691f8c46017da3d383736d50e23
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e32823f8dd0e24f6c0e69b1364b40f3e6e47abe9292b8fe2264dabb6f07a2fb3
e381e6206bcf05d9361a7a607f8746a696929868662a1189df33e5fae31fbbdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5639a21f1902a53088b38df978e75d7d1574e137bb0ee426be2a99e29a0f4d1
e5d47f0e15580a871f63e2fc80bc01ae914b616f78323a497c1170140321e92f
e8e84b67a398f8d17749346578d2a7c710c05ba6dab88e499691729a250297fe
e90f0c975bae926a25ff386ed2ea546926578a83473fabe679364056ca67f243
e98f395bb8929b75791c82b3ef51416bdee0a0b4ef9f7f1fa06793cd5ce77316
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
eb383daf5ac5f98ee1e961fe37ddf9f91e931bb1d0ab0bb07eb0b821e5ff8e11
ed1574193bac53b7debcaf92a45a4cc200ff348d8fbf396a6a4be43d734b0e62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e3d20bdf9828968f99d6cadd764d147cf494947cbfdafdbb611760cb5d5a9
f3cc57a0e8c5a2a86ea1cbf43853173b5f1690ddc5c918f1a0e8d589796df7c8
f42e18ef245c24dc9fddc4634bb45e82da91636a80aeafee95cb13d9b739117c
f496a2bc7479a53462e4e803e31194a1c6bac060fb34a674b094d80e35ae7205
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f604328a80bc5998fb1086aad0e743a58a85754ec2b7614b58b38924189b6c17
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f814a760fab4a73128b24ee773609b147d90dff52aa4b88f11ffb84ef9f98434
f97c1f41fd7fe19224ec65bc340835a8901df80a9136bb26b9aa2549293f9585
f9e1d50b07a89e8f38a392ade671edd2fc8600a511745b877df5d4f0ba5997ac
fa7ee2a418043698daf720cd177a4f0b5172484a05fc604cc0294b099ed0c647
faeeb447489a22cb3134f5801c870b878a0ffb3d159b7c25d3d591c8ff4aa36c
fe4fec1eb01cadd69cae4a07801c7b799fae9dd2183f3a508da4636cc73e0247
fe5c3e2b9daa06267ea3b1b09e4c22e8218e4707d035dce967318e4805031b64
feed3edd0af9716cd74e04fa4c671206f08e75426a72e1e059e2c2216734d341