face.cx Open in urlscan Pro
185.154.138.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://face.cx/
Submission Tags: @phishunt_io
Submission: On June 13 via api (June 13th 2022, 10:00:40 pm UTC) from DE — Scanned from FR

Summary HTTP 34 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 34 HTTP transactions. The main IP is 185.154.138.65, located in France and belongs to O2SWITCH, FR. The main domain is face.cx.
TLS certificate: Issued by R3 on June 13th 2022. Valid for: 3 months.

This is the only time face.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 25	185.154.138.65 185.154.138.65		50474 (O2SWITCH) (O2SWITCH)
1	2a00:1450:400... 2a00:1450:4001:812::200a		15169 (GOOGLE) (GOOGLE)
6	192.243.61.225 192.243.61.225		39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2003		15169 (GOOGLE) (GOOGLE)
34	5

25 185.154.138.65 (France) 1 redirects

ASN50474 (O2SWITCH, FR)

face.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

driftstupidityopponent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	face.cx 1 redirects face.cx	181 KB
6	driftstupidityopponent.com driftstupidityopponent.com Failed
2	gstatic.com fonts.gstatic.com	32 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1 KB
34	4

	Domain	Requested by
25	face.cx	1 redirects face.cx
6	driftstupidityopponent.com	face.cx
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	face.cx
34	4

This site contains no links.

Subject Issuer	Validity	Valid
face.cx R3	`2022-06-13` - `2022-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
driftstupidityopponent.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://face.cx/
Frame ID: 4AE373BC623149767B833185EA7A2DE4
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Meta Face – metamorphe faces

Page URL History Show full URLs

https://face.cx/ Page URL
https://face.cx/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

227 kB
Transfer

739 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://face.cx/ Page URL
https://face.cx/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://face.cx/wp-content/plugins/litespeed-cache/guest.vary.php HTTP 307
https://face.cx/wp-content/plugins/litespeed-cache/guest.vary.php

34 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
face.cx/ 57 KB
14 KB 113ms
27ms Document
text/html 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: a13d9ec0c8cc24f20fe64432e06573032ca27af5d0069dff0b4488fb2ecdb79b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 22:00:33 GMT
etag: W/"39691-1655157633;;;"
link: <https://face.cx/wp-json/>; rel="https://api.w.org/", <https://face.cx/wp-json/wp/v2/pages/1658>; rel="alternate"; type="application/json", <https://face.cx/>; rel=shortlink
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
x-dns-prefetch-control: on
x-lsadc-cache: hit

GET
H2 200 ratemypost.ttf
face.cx/wp-content/plugins/rate-my-post/public/css/fonts/ 5 KB
5 KB 25ms
25ms Font
font/ttf 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

Referer: https://face.cx/
Origin: https://face.cx
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:33 GMT
x-lsadc-cache: hit
last-modified: Sun, 06 Feb 2022 02:20:44 GMT
server: o2switch-PowerBoost-v3
etag: "38161-1654979313;;;"
content-type: font/ttf
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4824
expires: Mon, 12 Jun 2023 02:28:33 GMT

GET invoke.js
driftstupidityopponent.com/172a1667a65d97d3a17a631a502a659f/ 0
0

POST
H2

200

guest.vary.php
face.cx/wp-content/plugins/litespeed-cache/
Redirect Chain

https://face.cx/wp-content/plugins/litespeed-cache/guest.vary.php
https://face.cx/wp-content/plugins/litespeed-cache/guest.vary.php

16 B
266 B

43ms
43ms

Fetch
text/html

185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-litespeed-cache-control: no-cache
content-encoding: br
server: o2switch-PowerBoost-v3
date: Mon, 13 Jun 2022 22:00:33 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

location: https://face.cx/wp-content/plugins/litespeed-cache/guest.vary.php
date: Mon, 13 Jun 2022 22:00:33 GMT
cache-control: private, max-age=0, no-cache
server: o2switch-PowerBoost-v3
content-type: application/octet-stream
expires: Mon, 01 Jan 2000 01:01:42 GMT

GET
H2 200 Primary Request / Show response
face.cx/ 47 KB
10 KB 112ms
112ms Document
text/html 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: a57cc8a172849708ce3b384701b9e663d52866c516db5505ab178ce720706bfa

Request headers

Referer: https://face.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 22:00:34 GMT
link: <https://face.cx/wp-json/>; rel="https://api.w.org/", <https://face.cx/wp-json/wp/v2/pages/1658>; rel="alternate"; type="application/json", <https://face.cx/>; rel=shortlink
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache-control: no-cache
x-litespeed-tag: c731_HTTP.200

GET
H2 200 ratemypost.ttf
face.cx/wp-content/plugins/rate-my-post/public/css/fonts/ 5 KB
5 KB 25ms
24ms Font
font/ttf 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

Referer: https://face.cx/
Origin: https://face.cx
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
x-lsadc-cache: hit
last-modified: Sun, 06 Feb 2022 02:20:44 GMT
server: o2switch-PowerBoost-v3
etag: "38161-1654979313;;;"
content-type: font/ttf
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4824
expires: Mon, 12 Jun 2023 02:28:33 GMT

GET
H2 200 style.min.css
face.cx/wp-includes/css/dist/block-library/ 81 KB
11 KB 40ms
38ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 06 Apr 2022 05:50:32 GMT
server: o2switch-PowerBoost-v3
etag: W/"39073-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 rate-my-post.css
face.cx/wp-content/plugins/rate-my-post/public/css/ 10 KB
2 KB 51ms
48ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/rate-my-post/public/css/rate-my-post.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: ecb8010057b64441334b643f674d75e124d9f5d334cbf8726c9bb7d72da083e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Sun, 06 Feb 2022 02:20:44 GMT
server: o2switch-PowerBoost-v3
etag: W/"39074-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 92ms
33ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: face.cx
URL: https://face.cx/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 21:16:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Jun 2022 22:00:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Jun 2022 22:00:35 GMT

GET
H2 200 style.css
face.cx/wp-content/themes/videolife/ 74 KB
15 KB 64ms
60ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/style.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 60f48084ac22c0d2d2c651da3b761f336222c2fa264b56e084f484361e4689a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39075-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 dark.css
face.cx/wp-content/themes/videolife/ 7 KB
2 KB 75ms
71ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/dark.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 65975c4530a7c473a5144ef55cdc0ab56d43871f3785176d49d5f2695ab53073

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39076-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 responsive.css
face.cx/wp-content/themes/videolife/ 8 KB
2 KB 86ms
83ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/responsive.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 34be3e9301d97a3236e044da4540d5b4514f4966f4fe28956fa1c46eeb20addc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39077-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 font-awesome.css
face.cx/wp-content/themes/videolife/assets/css/ 72 KB
13 KB 100ms
97ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/css/font-awesome.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39078-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 genericons.css
face.cx/wp-content/themes/videolife/genericons/ 154 B
375 B 111ms
109ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/genericons/genericons.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: "39079-1655126763;;;"
content-type: text/css
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 154
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 front.min.css
face.cx/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 123ms
121ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/cookie-notice/css/front.min.css
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 840711eaa754b000831567752cc1f5e460bd0f0097be8cb273230834a1a3a7a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Tue, 07 Dec 2021 21:26:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39080-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 jquery.min.js Show response
face.cx/wp-includes/js/jquery/ 87 KB
31 KB 139ms
137ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-includes/js/jquery/jquery.min.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 10 Mar 2021 20:37:24 GMT
server: o2switch-PowerBoost-v3
etag: W/"39081-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
face.cx/wp-includes/js/jquery/ 11 KB
4 KB 150ms
148ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
server: o2switch-PowerBoost-v3
etag: W/"39082-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H/1.1 403
Forbidden 87579e4de6946e14567ef19107e736de.js
driftstupidityopponent.com/87/57/9e/ 0
0 1032ms
107ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://driftstupidityopponent.com/87/57/9e/87579e4de6946e14567ef19107e736de.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 22:00:35 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
driftstupidityopponent.com/172a1667a65d97d3a17a631a502a659f/ 0
0 799ms
118ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://driftstupidityopponent.com/172a1667a65d97d3a17a631a502a659f/invoke.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 22:00:35 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 rate-my-post.js Show response
face.cx/wp-content/plugins/rate-my-post/public/js/ 24 KB
5 KB 162ms
160ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/rate-my-post/public/js/rate-my-post.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 2248d914ed026123d24771f29b755d88e8da4026dbc22de4277aba8dff11fa67

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Sun, 06 Feb 2022 02:20:44 GMT
server: o2switch-PowerBoost-v3
etag: W/"39083-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 superfish.js Show response
face.cx/wp-content/themes/videolife/assets/js/ 7 KB
3 KB 172ms
170ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/js/superfish.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39084-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 html5.js Show response
face.cx/wp-content/themes/videolife/assets/js/ 10 KB
3 KB 184ms
183ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/js/html5.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39085-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 owl.carousel.js Show response
face.cx/wp-content/themes/videolife/assets/js/ 94 KB
21 KB 199ms
198ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/js/owl.carousel.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 9bdac65572c023fce4d65e4416737e456b6aba65001fdda82393892551e2ecca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39086-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
face.cx/wp-content/themes/videolife/assets/js/ 16 KB
4 KB 211ms
210ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/js/theia-sticky-sidebar.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 41f806a19a20885a156ceb760f01b4fddc9e037b0f94dbbdaf33c53077f5fc08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39087-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 index.js Show response
face.cx/wp-content/themes/videolife/assets/js/ 30 KB
7 KB 222ms
221ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/js/index.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 451eafb7d94660f1f623b54dbd45b2ed31ccc16d7fbe89e08b3d1413831e3b99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39088-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 jquery.custom.js Show response
face.cx/wp-content/themes/videolife/assets/js/ 4 KB
1 KB 233ms
232ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/assets/js/jquery.custom.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 042a2008916456240629c3fd2815eb35a21b423659ff62b12d107490cfd232e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39089-1655126763;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 front.min.js Show response
face.cx/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 27ms
26ms Script
application/javascript 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/plugins/cookie-notice/js/front.min.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:35 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Tue, 07 Dec 2021 21:26:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39091-1655126764;;;"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:04 GMT

GET
H2 200 genericons.css
face.cx/wp-content/themes/videolife/genericons/genericons/ 28 KB
16 KB 136ms
136ms Stylesheet
text/css 185.154.138.65
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://face.cx/wp-content/themes/videolife/genericons/genericons/genericons.css
Requested by: Host: face.cx
URL: https://face.cx/wp-content/themes/videolife/genericons/genericons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.154.138.65 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
Software: o2switch-PowerBoost-v3 /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://face.cx/wp-content/themes/videolife/genericons/genericons.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 22:00:34 GMT
content-encoding: br
x-lsadc-cache: hit
last-modified: Wed, 02 Feb 2022 11:09:09 GMT
server: o2switch-PowerBoost-v3
etag: W/"39090-1655126763;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
expires: Tue, 13 Jun 2023 19:26:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://face.cx
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 10361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 90ms
32ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://face.cx
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 566094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 08:45:42 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://face.cx
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 403
Forbidden invoke.js
driftstupidityopponent.com/aed4f31a7e426c3e6a76e6d60370befa/ 0
0 118ms
118ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://driftstupidityopponent.com/aed4f31a7e426c3e6a76e6d60370befa/invoke.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://face.cx/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 22:00:36 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
driftstupidityopponent.com/0caea6b98f16ace5cdd7c98a53461878/ 0
0 113ms
113ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://driftstupidityopponent.com/0caea6b98f16ace5cdd7c98a53461878/invoke.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://face.cx/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 22:00:36 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
driftstupidityopponent.com/67420d005af86825eee848a62b130d97/ 0
0 116ms
115ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://driftstupidityopponent.com/67420d005af86825eee848a62b130d97/invoke.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://face.cx/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 22:00:36 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
driftstupidityopponent.com/451c3d1760c783a76d1fa3ac6f54bd8d/ 0
0 109ms
109ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://driftstupidityopponent.com/451c3d1760c783a76d1fa3ac6f54bd8d/invoke.js
Requested by: Host: face.cx
URL: https://face.cx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://face.cx/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 22:00:36 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: driftstupidityopponent.com
URL: https://driftstupidityopponent.com/172a1667a65d97d3a17a631a502a659f/invoke.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| litespeed_docref undefined| $ function| jQuery object| atOptions object| rmp_frontend object| RateMyPost object| webpackJsonpRateMyPost object| html5 object| videolife function| videolifeDomReady function| videolifeToggleAttribute function| videolifeMenuToggle function| videolifeFindParents object| cnArgs

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.face.cx/	1970-01-20 04:07:33	Name: o2s-chl Value: d146d272a673383e62e5255febdb1d410d8f0463c1fc6642aeea0d13b6b7ca87
			face.cx/	1970-01-20 03:48:50	Name: _lscache_vary Value: 7331ca9ce8c3d014e1c398e362a0e785
			.face.cx/	1970-01-20 03:48:50	Name: _lscache_vary Value: 4c262f8c9381abdd11d7c7343324005d

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://driftstupidityopponent.com/87/57/9e/87579e4de6946e14567ef19107e736de.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://face.cx/(Line 206) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/aed4f31a7e426c3e6a76e6d60370befa/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://face.cx/(Line 206) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/aed4f31a7e426c3e6a76e6d60370befa/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://driftstupidityopponent.com/172a1667a65d97d3a17a631a502a659f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://driftstupidityopponent.com/aed4f31a7e426c3e6a76e6d60370befa/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://face.cx/(Line 286) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/0caea6b98f16ace5cdd7c98a53461878/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://face.cx/(Line 286) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/0caea6b98f16ace5cdd7c98a53461878/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://driftstupidityopponent.com/0caea6b98f16ace5cdd7c98a53461878/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://face.cx/(Line 318) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/67420d005af86825eee848a62b130d97/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://face.cx/(Line 318) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/67420d005af86825eee848a62b130d97/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://driftstupidityopponent.com/67420d005af86825eee848a62b130d97/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://face.cx/(Line 367) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/451c3d1760c783a76d1fa3ac6f54bd8d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://face.cx/(Line 367) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://driftstupidityopponent.com/451c3d1760c783a76d1fa3ac6f54bd8d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://driftstupidityopponent.com/451c3d1760c783a76d1fa3ac6f54bd8d/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

driftstupidityopponent.com
face.cx
fonts.googleapis.com
fonts.gstatic.com
driftstupidityopponent.com
185.154.138.65
192.243.61.225
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
042a2008916456240629c3fd2815eb35a21b423659ff62b12d107490cfd232e5
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2248d914ed026123d24771f29b755d88e8da4026dbc22de4277aba8dff11fa67
34be3e9301d97a3236e044da4540d5b4514f4966f4fe28956fa1c46eeb20addc
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
41f806a19a20885a156ceb760f01b4fddc9e037b0f94dbbdaf33c53077f5fc08
451eafb7d94660f1f623b54dbd45b2ed31ccc16d7fbe89e08b3d1413831e3b99
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f
60f48084ac22c0d2d2c651da3b761f336222c2fa264b56e084f484361e4689a0
65975c4530a7c473a5144ef55cdc0ab56d43871f3785176d49d5f2695ab53073
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
840711eaa754b000831567752cc1f5e460bd0f0097be8cb273230834a1a3a7a2
9bdac65572c023fce4d65e4416737e456b6aba65001fdda82393892551e2ecca
a13d9ec0c8cc24f20fe64432e06573032ca27af5d0069dff0b4488fb2ecdb79b
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a57cc8a172849708ce3b384701b9e663d52866c516db5505ab178ce720706bfa
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ecb8010057b64441334b643f674d75e124d9f5d334cbf8726c9bb7d72da083e2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615