www.dailyfaceoff.com Open in urlscan Pro
2606:4700:20::ac43:4488 Public Scan

URL:
https://www.dailyfaceoff.com/
Submission: On July 23 via manual (July 23rd 2021, 2:17:49 pm UTC) from CA

Summary HTTP 286 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 67 IPs in 7 countries across 46 domains to perform 286 HTTP transactions. The main IP is 2606:4700:20::ac43:4488, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dailyfaceoff.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2021. Valid for: a year.

This is the only time www.dailyfaceoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
51	2606:4700:20:... 2606:4700:20::ac43:4488	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.212.255.151 199.212.255.151	25948 (FHMNET) (FHMNET)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
15	2606:4700:10:... 2606:4700:10::6816:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.145.106 13.226.145.106	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3036::ac43:8e96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	54.243.196.16 54.243.196.16	14618 (AMAZON-AES) (AMAZON-AES)
5	52.218.181.112 52.218.181.112	16509 (AMAZON-02) (AMAZON-02)
3	104.248.66.5 104.248.66.5	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	107.22.147.121 107.22.147.121	14618 (AMAZON-AES) (AMAZON-AES)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
5	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2 4	204.16.246.215 204.16.246.215	20326 (TERASWITCH) (TERASWITCH)
2	13.226.145.35 13.226.145.35	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:3da8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	13.226.145.29 13.226.145.29	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3ca8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.217.89.92 52.217.89.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
17	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
7	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	204.16.246.216 204.16.246.216	20326 (TERASWITCH) (TERASWITCH)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
11	13.226.145.125 13.226.145.125	16509 (AMAZON-02) (AMAZON-02)
5	34.224.251.126 34.224.251.126	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.225.171.108 54.225.171.108	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4232:b83a:59ae:1899:bbf2	14618 (AMAZON-AES) (AMAZON-AES)
1	3.122.214.52 3.122.214.52	16509 (AMAZON-02) (AMAZON-02)
1	18.195.75.70 18.195.75.70	16509 (AMAZON-02) (AMAZON-02)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	44.229.66.179 44.229.66.179	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	64.233.184.155 64.233.184.155	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4007:80d::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:401e:28::a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4 6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
7	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
3 6	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
286	67

51 2606:4700:20::ac43:4488 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dailyfaceoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.212.255.151 (Canada)

ASN25948 (FHMNET, CA)

s.dblks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:325d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-106.dus51.r.cloudfront.net

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8e96 (United States)

ASN13335 (CLOUDFLARENET, US)

static.thenationnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.196.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-196-16.compute-1.amazonaws.com

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.218.181.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.248.66.5 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

api.dailyfaceoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.22.147.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-147-121.compute-1.amazonaws.com

odds.oddsshark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.16.246.215 (Pittsburgh, United States) 2 redirects

ASN20326 (TERASWITCH, US)

html5-player.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.145.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-35.dus51.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.226.145.29 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-29.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3ca8 (United States)

ASN13335 (CLOUDFLARENET, US)

vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.89.92 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

chalk-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

static.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl-static.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.16.246.216 (Pittsburgh, United States) 6 redirects

ASN20326 (TERASWITCH, US)

assets.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.226.145.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-125.dus51.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.224.251.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-251-126.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.225.171.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-171-108.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:b83a:59ae:1899:bbf2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pi979-10rsz.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-52.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.75.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-75-70.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

sendtonews-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.229.66.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-66-179.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.155 (United States)

ASN15169 (GOOGLE, US)

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4007:80d::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401e:28::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-4g5ednsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.106.231 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.251 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	dailyfaceoff.com www.dailyfaceoff.com api.dailyfaceoff.com	474 KB
34	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	612 KB
27	libsyn.com 8 redirects html5-player.libsyn.com static.libsyn.com assets.libsyn.com ssl-static.libsyn.com	2 MB
24	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	189 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	51 KB
15	datatables.net cdn.datatables.net	68 KB
12	sendtonews.com embed.sendtonews.com player.sendtonews.com s2l.sendtonews.com timber.sendtonews.com	103 KB
11	cloudfront.net d29xw9s9x32j3w.cloudfront.net	525 KB
9	scorecardresearch.com 3 redirects sb.scorecardresearch.com	5 KB
9	wp.com i1.wp.com i0.wp.com s0.wp.com	266 KB
7	openx.net 1 redirects sendtonews-d.openx.net u.openx.net eu-u.openx.net us-u.openx.net	2 KB
7	bootstrapcdn.com maxcdn.bootstrapcdn.com	150 KB
7	amazonaws.com s3-us-west-2.amazonaws.com chalk-images.s3.amazonaws.com	64 KB
7	googleapis.com fonts.googleapis.com imasdk.googleapis.com	310 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com	5 KB
6	cloudflare.com cdnjs.cloudflare.com	811 KB
5	advertising.com 4 redirects ads.adaptv.advertising.com pixel.advertising.com	2 KB
5	stripe.com checkout.stripe.com js.stripe.com m.stripe.com	61 KB
4	adsrvr.org 2 redirects match.adsrvr.org	2 KB
4	rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	vuukle.com cdn.vuukle.com vuukle.com	39 KB
4	google.com 2 redirects apis.google.com www.google.com adservice.google.com	22 KB
3	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r5---sn-4g5ednsr.c.2mdn.net	2 MB
3	gravatar.com secure.gravatar.com	10 KB
2	adform.net 2 redirects c1.adform.net	924 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	669 B
2	stripe.network m.stripe.network	19 KB
2	facebook.com www.facebook.com	103 B
2	jsdelivr.net cdn.jsdelivr.net	58 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	taboola.com cdn.taboola.com	147 KB
2	facebook.net connect.facebook.net	98 KB
2	oddsshark.com odds.oddsshark.com	3 KB
2	thenationnetwork.com static.thenationnetwork.com
2	dblks.net s.dblks.net	22 KB
1	quantserve.com 1 redirects pixel.quantserve.com	499 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	rlcdn.com api.rlcdn.com	225 B
1	spotxchange.com search.spotxchange.com	1 KB
1	casalemedia.com htlb.casalemedia.com	376 B
1	tremorhub.com pi979-10rsz.ads.tremorhub.com	422 B
1	pubmatic.com hbopenbid.pubmatic.com	120 B
1	adnxs.com ib.adnxs.com	1 KB
1	resonate.com cdn.resonate.com	169 B
1	indexww.com js-sec.indexww.com	13 KB
1	googletagmanager.com www.googletagmanager.com	51 KB
286	46

	Domain	Requested by
51	www.dailyfaceoff.com	www.dailyfaceoff.com
23	www.gstatic.com	www.dailyfaceoff.com www.google.com www.gstatic.com
15	cdn.datatables.net	www.dailyfaceoff.com
11	d29xw9s9x32j3w.cloudfront.net	player.sendtonews.com www.dailyfaceoff.com cdnjs.cloudflare.com
11	static.libsyn.com	html5-player.libsyn.com static.libsyn.com
9	googleads.g.doubleclick.net	www.dailyfaceoff.com
9	sb.scorecardresearch.com	3 redirects cdn.taboola.com www.dailyfaceoff.com
8	fonts.gstatic.com	fonts.googleapis.com
7	ade.googlesyndication.com	www.dailyfaceoff.com
7	maxcdn.bootstrapcdn.com	html5-player.libsyn.com maxcdn.bootstrapcdn.com
7	pagead2.googlesyndication.com	s.dblks.net srcdoc www.dailyfaceoff.com tpc.googlesyndication.com
6	ups.analytics.yahoo.com	3 redirects www.dailyfaceoff.com
6	ssl-static.libsyn.com	html5-player.libsyn.com
6	assets.libsyn.com	6 redirects
6	cdnjs.cloudflare.com	www.dailyfaceoff.com player.sendtonews.com
5	cm.g.doubleclick.net	4 redirects u.openx.net
5	s2l.sendtonews.com	www.dailyfaceoff.com
5	s3-us-west-2.amazonaws.com	www.dailyfaceoff.com
5	i0.wp.com	www.dailyfaceoff.com
5	fonts.googleapis.com	www.dailyfaceoff.com html5-player.libsyn.com player.sendtonews.com
4	pixel.advertising.com	4 redirects
4	match.adsrvr.org	2 redirects js-sec.indexww.com u.openx.net
4	html5-player.libsyn.com	2 redirects www.dailyfaceoff.com
4	securepubads.g.doubleclick.net	www.dailyfaceoff.com securepubads.g.doubleclick.net cdn.vuukle.com
3	csi.gstatic.com	imasdk.googleapis.com
3	pubads.g.doubleclick.net	player.sendtonews.com imasdk.googleapis.com www.dailyfaceoff.com
3	timber.sendtonews.com	player.sendtonews.com
3	cdn.vuukle.com	www.dailyfaceoff.com cdn.vuukle.com
3	secure.gravatar.com	www.dailyfaceoff.com secure.gravatar.com
3	js.stripe.com	www.dailyfaceoff.com js.stripe.com
3	api.dailyfaceoff.com	www.dailyfaceoff.com
3	i1.wp.com	www.dailyfaceoff.com
2	c1.adform.net	2 redirects
2	us-u.openx.net	u.openx.net
2	eu-u.openx.net	u.openx.net
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net eus.rubiconproject.com
2	u.openx.net	1 redirects d29xw9s9x32j3w.cloudfront.net
2	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	imasdk.googleapis.com	player.sendtonews.com imasdk.googleapis.com
2	www.facebook.com	www.dailyfaceoff.com connect.facebook.net
2	cdn.jsdelivr.net	html5-player.libsyn.com
2	www.google-analytics.com	www.googletagmanager.com www.dailyfaceoff.com
2	chalk-images.s3.amazonaws.com	www.dailyfaceoff.com odds.oddsshark.com
2	player.sendtonews.com	embed.sendtonews.com
2	cdn.taboola.com	www.dailyfaceoff.com cdn.taboola.com
2	connect.facebook.net	www.dailyfaceoff.com connect.facebook.net
2	odds.oddsshark.com	www.dailyfaceoff.com odds.oddsshark.com
2	embed.sendtonews.com	www.dailyfaceoff.com player.sendtonews.com
2	static.thenationnetwork.com	www.dailyfaceoff.com
2	www.google.com	2 redirects
2	s.dblks.net	www.dailyfaceoff.com s.dblks.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	googleads4.g.doubleclick.net	www.dailyfaceoff.com
1	r5---sn-4g5ednsr.c.2mdn.net	www.dailyfaceoff.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	imasdk.googleapis.com
1	m.stripe.com	m.stripe.network
1	api.rlcdn.com	js-sec.indexww.com
1	search.spotxchange.com	d29xw9s9x32j3w.cloudfront.net
1	sendtonews-d.openx.net	d29xw9s9x32j3w.cloudfront.net
1	htlb.casalemedia.com	d29xw9s9x32j3w.cloudfront.net
1	prebid-server.rubiconproject.com	d29xw9s9x32j3w.cloudfront.net
1	ads.adaptv.advertising.com	d29xw9s9x32j3w.cloudfront.net
1	pi979-10rsz.ads.tremorhub.com	d29xw9s9x32j3w.cloudfront.net
1	hbopenbid.pubmatic.com	d29xw9s9x32j3w.cloudfront.net
1	ib.adnxs.com	d29xw9s9x32j3w.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.resonate.com	player.sendtonews.com
1	js-sec.indexww.com	player.sendtonews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vuukle.com	cdn.vuukle.com
1	www.googletagmanager.com	www.dailyfaceoff.com
1	s0.wp.com	www.dailyfaceoff.com
1	checkout.stripe.com	www.dailyfaceoff.com
1	apis.google.com	www.dailyfaceoff.com
286	80

This site contains links to these domains. Also see Links.

Domain
puckpedia.com
soundcloud.com
www.facebook.com
www.twitter.com
www.instagram.com
bluejaysnation.com
wingsnation.com
canucksarmy.com
oilersnation.com
flamesnation.ca
jetsnation.ca
theleafsnation.com
www.hockeyfights.com
nhlnumbers.com
www.dailyfantasycafe.com
www.oddsshark.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
s.dblks.net R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.sendtonews.com Amazon	`2021-06-17` - `2022-07-16`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
api.dailyfaceoff.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.oddsshark.com Gandi Standard SSL CA 2	`2020-06-02` - `2022-03-13`	2 years	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.libsyn.com Sectigo ECC Organization Validation Secure Server CA	`2020-06-11` - `2022-06-09`	2 years	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-13` - `2021-09-21`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.dailyfaceoff.com/
Frame ID: 9E048E2200B806F297338284AD14FE35
Requests: 156 HTTP requests in this frame

Frame: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Frame ID: C7EEDA8F7CB93AADDBDB6D47C918D9E3
Requests: 14 HTTP requests in this frame

Frame: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Frame ID: 836F0227C32EE2A9801167E550F3D091
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: 038870F86E1D0CF9BA4467950FDF9F34
Requests: 2 HTTP requests in this frame

Frame: https://player.sendtonews.com/player7/player/65.18.9/player.js
Frame ID: C2C3ACB6D75114BB33A9BEB4E9095B3F
Requests: 55 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3F86B9892D21637AD2D40DFE8B0E49F2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: 3E2C211C36BC4BE7865D063293FC3F18
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D1AC8AB60A67DDE27FD75E48A288254A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 57C1AF82DE1EAC5ECC87CC59935AACC2
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: F971249071FA25E49ED27A28FE666D1B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8BD47FE88936D59DF367771661A724A7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

286
Requests

99 %
HTTPS

42 %
IPv6

46
Domains

80
Subdomains

67
IPs

7
Countries

8149 kB
Transfer

15677 kB
Size

6
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://puckpedia.com/
Title: PuckPedia.com

Search URL Search Domain Scan URL

URL: https://soundcloud.com/dailyfaceoff-podcast
Title: Podcast

Search URL Search Domain Scan URL

URL: http://www.facebook.com/dailyfaceoff

Search URL Search Domain Scan URL

URL: http://www.twitter.com/dailyfaceoff

Search URL Search Domain Scan URL

URL: http://www.instagram.com/dailyfaceoff

Search URL Search Domain Scan URL

URL: http://bluejaysnation.com/
Title: BLUEJAYSNATION

Search URL Search Domain Scan URL

URL: http://wingsnation.com/
Title: WINGSNATION

Search URL Search Domain Scan URL

URL: http://canucksarmy.com/
Title: CANUCKSARMY

Search URL Search Domain Scan URL

URL: http://oilersnation.com/
Title: OILERSNATION

Search URL Search Domain Scan URL

URL: http://flamesnation.ca/
Title: FLAMESNATION

Search URL Search Domain Scan URL

URL: http://jetsnation.ca/
Title: JETSNATION

Search URL Search Domain Scan URL

URL: http://theleafsnation.com/
Title: THELEAFSNATION

Search URL Search Domain Scan URL

URL: http://www.hockeyfights.com/
Title: HOCKEYFIGHTS

Search URL Search Domain Scan URL

URL: https://puckpedia.com/players/
Title: Player Dashboard

Search URL Search Domain Scan URL

URL: https://puckpedia.com/draft
Title: NHL Draft Tracker

Search URL Search Domain Scan URL

URL: https://puckpedia.com/salary-cap
Title: Ask the Capologist

Search URL Search Domain Scan URL

URL: https://puckpedia.com/user/login
Title: myPuckPedia GM Mode

Search URL Search Domain Scan URL

URL: https://oilersnation.com/
Title: Edmonton Oilers news

Search URL Search Domain Scan URL

URL: https://oilersnation.com/edmonton-oilers-roster/
Title: Oilers Roster

Search URL Search Domain Scan URL

URL: http://nhlnumbers.com/
Title: NHL Salary Caps

Search URL Search Domain Scan URL

URL: http://nhlnumbers.com/player-salaries
Title: NHL Player salaries

Search URL Search Domain Scan URL

URL: http://nhlnumbers.com/team-salaries
Title: NHL Team Salaries

Search URL Search Domain Scan URL

URL: https://www.dailyfantasycafe.com/draftkings-promo-code
Title: Draftkings promotional code

Search URL Search Domain Scan URL

URL: https://www.dailyfantasycafe.com/fanduel-promos
Title: Fanduel tv promo code

Search URL Search Domain Scan URL

URL: http://www.oddsshark.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.google.com/jsapi?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg HTTP 301
https://www.gstatic.com/charts/loader.js?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg

Request Chain 38

https://www.google.com/jsapi?ver=5.5.3 HTTP 301
https://www.gstatic.com/charts/loader.js?ver=5.5.3

Request Chain 100

https://html5-player.libsyn.com/embed/destination/id/2625857/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/ HTTP 302
https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Request Chain 113

https://html5-player.libsyn.com/embed/destination/id/2625857/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/ HTTP 302
https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Request Chain 130

https://sb.scorecardresearch.com/b?c1=2&c2=11441895&ns__t=1627049847830&ns_c=UTF-8&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=11441895&ns__t=1627049847830&ns_c=UTF-8&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c9=

Request Chain 160

https://assets.libsyn.com/secure/content/107866706?height=100&width=100&overlay=true HTTP 302
https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png

Request Chain 171

https://assets.libsyn.com/secure/content/107866706?height=100&width=100&overlay=true HTTP 302
https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png

Request Chain 191

https://assets.libsyn.com/secure/content/107866706?width=0&height=0&overlay=true&player_time=1627049848231 HTTP 302
https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png

Request Chain 192

https://assets.libsyn.com/secure/content/107866706 HTTP 302
https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png

Request Chain 195

https://assets.libsyn.com/secure/content/107866706?width=302&height=360&overlay=true&player_time=1627049848261 HTTP 302
https://ssl-static.libsyn.com/p/assets/0/0/8/5/0085f3a8766a175227a2322813b393ee/height_360_width_302_overlay_Untitled_design_1.png

Request Chain 196

https://assets.libsyn.com/secure/content/107866706 HTTP 302
https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png

Request Chain 226

https://sb.scorecardresearch.com/c2/11441895/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 244

https://gcdn.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1492CE08AB1F4F00B1A67F8F98C43EB9A830564F.929274420F71C7BE4B2B5FD11FB149577295400D/key/ck2/file/file.mp4?cpn=NiWqkNQwLGL4Pepr HTTP 302
https://r5---sn-4g5ednsr.c.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/710FFD79947F699F387E64B184245CBCE400AAF4.398E15A39A53E96B4F9E5F6FA6D07FEE62B2AA5B/key/cms1/cms_redirect/yes/mh/1h/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1627049551/mv/m/mvi/5/pl/52?cpn=NiWqkNQwLGL4Pepr&file=file.mp4

Request Chain 264

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 266

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiODVhMGViZS1lYmMwLTExZWItOGM1Mi0wNjJjN2Q0MmIwOWE%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEK6Mu62B64zKD0D6lp7djs4&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK6Mu62B64zKD0D6lp7djs4&google_cver=1&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a

Request Chain 267

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a&verify=true

Request Chain 268

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ece48222-8560-4ced-a151-8d71ba5753c1&_origin=1&gdpr=1&gdpr_consent=

Request Chain 269

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=041d60fa-cf7c-4800-9c3e-4029ad42fb1b

Request Chain 270

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K6KUxX70xccwpJOULqXflCn0kcEw9pORKvEbOO_y

Request Chain 271

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1372736530039405411

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA3ZmYwNWEtZDZjMC0yYThhLWUzYzctOTUzZGJjODMzMmVl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA3ZmYwNWEtZDZjMC0yYThhLWUzYzctOTUzZGJjODMzMmVl&google_tc=

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENprJVg5ZHhy4c4yC2WAZok&google_cver=1

Request Chain 283

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10034&ns_st_cl=15000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1426890&ns_st_pt=10034&ns_st_dpt=10034&ns_st_ipt=10034&ns_st_ap=10034&ns_st_dap=10034&ns_st_et=10034&ns_st_det=10034&ns_st_upc=10034&ns_st_dupc=10034&ns_st_iupc=10034&ns_st_upa=10034&ns_st_dupa=10034&ns_st_iupa=10034&ns_st_lpc=10034&ns_st_dlpc=10034&ns_st_lpa=10034&ns_st_dlpa=10034&ns_st_pa=10034&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1627049860351&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=WHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10034&ns_st_cl=15000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1426890&ns_st_pt=10034&ns_st_dpt=10034&ns_st_ipt=10034&ns_st_ap=10034&ns_st_dap=10034&ns_st_et=10034&ns_st_det=10034&ns_st_upc=10034&ns_st_dupc=10034&ns_st_iupc=10034&ns_st_upa=10034&ns_st_dupa=10034&ns_st_iupa=10034&ns_st_lpc=10034&ns_st_dlpc=10034&ns_st_lpa=10034&ns_st_dlpa=10034&ns_st_pa=10034&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1627049860351&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=WHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=&c9=

286 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.dailyfaceoff.com/ 121 KB
21 KB 240ms
214ms Document
text/html 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a00ee542233ba8012bc0a1f62c24cebd2fcb7505dfdd3877bfaec7c7851ec90

Request headers

:method: GET
:authority: www.dailyfaceoff.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-type: text/html; charset=UTF-8
link: <https://www.dailyfaceoff.com/wp-json/>; rel="https://api.w.org/", <https://www.dailyfaceoff.com/wp-json/wp/v2/pages/43487>; rel="alternate"; type="application/json", <https://www.dailyfaceoff.com/>; rel=shortlink
cache-provider: CLOUDWAYS-CACHE-DC
vary: Accept-Encoding
last-modified: Fri, 23 Jul 2021 10:36:03 GMT
age: 13282
x-cache: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OywHUsXwB8wbc6fLBqAi%2FlG%2FmT0WSzDlnT0%2BVRINYQ3NF8IFJx7V0CGzKrmCIXXKNveAN73H%2Fr%2F5aWY5cToo58Fc%2BjfSB2B3qocZBk90yvH%2B08aUcdxHk8HMn2QFCLt3ja4IErxalfrRpEyuKg1qhZWF"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6735883aedb81f51-FRA
content-encoding: br

GET
H/1.1 200
OK db.2633921.js Show response
s.dblks.net/ff/ 64 KB
19 KB 333ms
104ms Script
application/javascript 199.212.255.151
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dblks.net/ff/db.2633921.js
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.151 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c6adcc64ffd6ab1c2efda96c6cad38815b8d2589635ad62413c563e2a499ea6d

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 18:38:23 GMT
Server: nginx/1.16.1
ETag: W/"6080711f-ff03"
Transfer-Encoding: chunked
X-FW-Version: modern
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dailyfaceoff.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 103ms
34ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

d8f9178e1ced3654cf7ae47b53c366f574f2ccdf4177189cc2bbf78117cb6db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "937 / 128 of 1000 / last-modified: 1627038728"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24851
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:25 GMT

GET
H2 200 logos.css
www.dailyfaceoff.com/wp-content/themes/freshnews/ 8 KB
1 KB 21ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/logos.css
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ccfda6e9a99ba82f041d998856aff7a2422708ef4c46a5cd119f0a02598409

Request headers

:path: /wp-content/themes/freshnews/logos.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=9457
cf-bgj: minify
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
etag: W/"5b43d166-24f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5qQ0SOs6ZQKQDG4YwhfmDf1iLIs7isYk81U3CUYJ%2Bpi5wUPmRGkXtPY54RDSUD8soaQub7Gf02rq1GnX1pmtNTVLiY%2Fosm%2BU9lAJ4vmy348mW8CazP61dY5zfvsrm6CnX1o57of6I7dHxr8Q8COXh95"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c4f911f51-FRA
expires: Sat, 24 Jul 2021 04:08:46 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 59ms
28ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2kXhGKYbk1UaVE1INJmsew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "30d1d2919676634bf2aebe648f84c2ce"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-2kXhGKYbk1UaVE1INJmsew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 23 Jul 2021 14:17:26 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg
https://www.gstatic.com/charts/loader.js?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg

65 KB
20 KB

44ms
7ms

Script
text/javascript

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:29:50 GMT

Redirect headers

date: Fri, 23 Jul 2021 14:17:25 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 328
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:47:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
943 B 20ms
13ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1a98b3fd6a0743811a55ee366e11bc5522aa075c97a9b7df8598323f56fac51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 14:17:25 GMT
server: ESF
date: Fri, 23 Jul 2021 14:17:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Jul 2021 14:17:25 GMT

GET
H2 200 app.css
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/css/ 209 KB
34 KB 34ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/css/app.css?ver=4.3.15
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77ef4957a04533686a17de88e557ef77c46dddf18565eb7bbc820040e6070324

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/assets/css/app.css?ver=4.3.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 29862
cf-polished: origSize=215996
cf-bgj: minify
last-modified: Sat, 19 Dec 2020 23:32:09 GMT
server: cloudflare
etag: W/"5fde8d79-34bbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJDFKECdC9qjlJMBe6MQlf61qpbYqFhPWuQSi%2B4%2FPGI4x83PsxN3EZhXgOviQGxeyEXUDHgwceI21IbRPFeqSNEcWDhYQAd9zBktzbDuZxc%2BtrBmqMnBfNPfWH%2FZVlBZ%2BURec%2BnOeGDnZSipcdpQQLBy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fa01f51-FRA
expires: Fri, 23 Jul 2021 21:39:07 GMT

GET
H2 200 style.css
www.dailyfaceoff.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 30ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/css/dist/block-library/style.css?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419bc457781431b3b9fa1f2fad33dabc6e2b58aa5aeacb9b642ab0a299dec6e4

Request headers

:path: /wp-includes/css/dist/block-library/style.css?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=65059
cf-bgj: minify
last-modified: Sun, 01 Nov 2020 22:00:35 GMT
server: cloudflare
etag: W/"5f9f3003-fe23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1Tpcslqb0kRrbBAkHoDXf2r3BlC4G2j9jPdQDusD700MBffKssaWVn8Krus6y0dprDj%2FSMP9OC%2BKn%2BiG9ZTt2aiBBB5uJKqH6td2QJkk%2F4Y0tS%2Bb8H8TpHGDzL62DoHyYq207ykcBxGl2vjraxhCcGR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fa31f51-FRA
expires: Fri, 23 Jul 2021 20:32:16 GMT

GET
H2 200 styles.css
www.dailyfaceoff.com/wp-content/plugins/contact-form-7/includes/css/ 1 KB
885 B 29ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.2
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa234ba8fea30f028f728b42ba027da0baff915759c21129893c18e74de9a43

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=1606
cf-bgj: minify
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
etag: W/"5b43d165-646"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKZcOyFO65VqUoh5MkbpRIbsWqw39o1sCASDqlSNRyTrouvJV33i38gbsCUmt2h49%2FSfh7VuWmCb4n%2FHrGGl8r0MOPeMmps1hlwFW5uJw2vJuCvoSZIPKwP6aY75nf4xat8m0H5C2mJz9yv3BHDGkWVA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5faa1f51-FRA
expires: Fri, 23 Jul 2021 03:26:19 GMT

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.10.20/css/ 14 KB
2 KB 51ms
24ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.20/css/jquery.dataTables.min.css?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 27675
content-length: 2109
last-modified: Thu, 10 Jun 2021 17:20:55 GMT
server: cloudflare
etag: "112036c-364c-5c46c9d256507-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78a14e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Jul 2022 06:36:09 GMT

GET
H2 200 buttons.dataTables.min.css
cdn.datatables.net/buttons/1.6.1/css/ 9 KB
2 KB 51ms
24ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/css/buttons.dataTables.min.css?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22cf24dcc0bca1903e7ef36412cf926c0982a1784f828e91037e312c9c14be10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 1841
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "1121582-25b5-5c43d36ef2a16-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78a44e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 select.dataTables.min.css
cdn.datatables.net/select/1.3.1/css/ 4 KB
850 B 43ms
16ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/select/1.3.1/css/select.dataTables.min.css?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

053e24e51e6f01f4284058a32b02bc972986d765e5a024f892de3e1c97bd635e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 686
last-modified: Tue, 08 Jun 2021 08:48:08 GMT
server: cloudflare
etag: "11413f8-f4e-5c43d379c36de-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78a54e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 fixedHeader.dataTables.min.css
cdn.datatables.net/fixedheader/3.1.6/css/ 267 B
497 B 61ms
35ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/fixedheader/3.1.6/css/fixedHeader.dataTables.min.css?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85bdcc2d09902654f8a90043ac9c77e00251d8d30ae75d6510a8605279e8fdaf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 27680
content-length: 157
last-modified: Thu, 10 Jun 2021 17:20:58 GMT
server: cloudflare
etag: "1121758-10b-5c46c9d5a348f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78a64e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Jul 2022 06:36:05 GMT

GET
H2 200 fixedColumns.dataTables.min.css
cdn.datatables.net/fixedcolumns/3.3.0/css/ 327 B
262 B 44ms
18ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/fixedcolumns/3.3.0/css/fixedColumns.dataTables.min.css?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cac99438be2f9aacaf1a63f220f5a4e0fb5f54d443ecde09652a650b0509f8b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 169
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "11204f5-147-5c43d36f0b0b6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78a74e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 responsive.dataTables.min.css
cdn.datatables.net/responsive/2.2.3/css/ 4 KB
1 KB 49ms
23ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/responsive/2.2.3/css/responsive.dataTables.min.css?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec1d2032daf47da420abf0f0e67ab2654648aabdda55e89e6da392b6158c382

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 930
last-modified: Tue, 17 Jul 2018 10:19:02 GMT
server: cloudflare
etag: "13c1e94-f59-5712f467268f2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78a94e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 tooltipster.bundle.css
www.dailyfaceoff.com/wp-content/plugins/nation-infobox/css/ 7 KB
1 KB 47ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/nation-infobox/css/tooltipster.bundle.css?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e38baa7532f1a40d226d5e83fe7e08e24252814be7bb3dbb82453357968235

Request headers

:path: /wp-content/plugins/nation-infobox/css/tooltipster.bundle.css?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=9678
cf-bgj: minify
last-modified: Mon, 15 Jul 2019 20:54:32 GMT
server: cloudflare
etag: W/"5d2ce808-25ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKB8mvPslcYY53Wy0aw6joUwaojlY0QMnLCVy1V19l6pY8YfZzwOljin8bKjtjLpUALROALmWi7FSl2LzVnR7UysJ3cYpKBTeY%2FPwqOJWGihSdecufOMM%2F7jtqiot%2FlicowkV7o0oI751UERUDKAW0ci"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fab1f51-FRA
expires: Fri, 23 Jul 2021 20:06:08 GMT

GET
H2 200 tooltipster-sideTip-borderless.min.css
www.dailyfaceoff.com/wp-content/plugins/nation-infobox/css/ 2 KB
638 B 29ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/nation-infobox/css/tooltipster-sideTip-borderless.min.css?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6620536e4cc4c5657f0d4e3ed3664ca9768dbbba345df366c536b4fa045b74ed

Request headers

:path: /wp-content/plugins/nation-infobox/css/tooltipster-sideTip-borderless.min.css?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2019 20:54:32 GMT
server: cloudflare
age: 60248
etag: W/"5d2ce808-70e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xh%2Be68RWwctF6P1HnQ1KjLLC8UAC%2BydWhgB5PGAxSSnYJFzrnEWR4FKVNKJQKWNschk%2BHr25VDZkivV6jUB3J4sDewji7e3zJJd8e3y1lVRQUwwlOyE6LE%2B5NyD6SyCk74wDC3d4hGMTtG%2FD62EnZTJ2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6735883c5fad1f51-FRA
expires: Fri, 23 Jul 2021 20:44:18 GMT

GET
H2 200 tooltipster-overrides.css
www.dailyfaceoff.com/wp-content/plugins/nation-infobox/css/ 1 KB
1022 B 30ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/nation-infobox/css/tooltipster-overrides.css?ver=1.0.4
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38975d33f5e8cb9e72ebb9a19e878cba215cb9cf9ad35ebc7497608c8cc2cc5c

Request headers

:path: /wp-content/plugins/nation-infobox/css/tooltipster-overrides.css?ver=1.0.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=1740
cf-bgj: minify
last-modified: Fri, 04 Oct 2019 18:14:44 GMT
server: cloudflare
etag: W/"5d978c14-6cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xxW43BioGXJkOdx6D8nFCTTJeSO9cLclo0i8SFsUVXvzSvs44SljAY3Kps5DLFuDvFsN5B3S9fBu%2FXjvH%2FZtNbYnAn50tKNaqkNzpUCHqtMzDwktVMM%2Fy0Ruwz4SU%2Fut5geihHalmLIcOgKob%2FR09ai"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fae1f51-FRA
expires: Fri, 23 Jul 2021 21:58:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
609 B 24ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:46 GMT
server: ESF
date: Fri, 23 Jul 2021 14:17:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Jul 2021 14:17:25 GMT

GET
H2 200 button.css
checkout.stripe.com/v3/checkout/ 4 KB
2 KB 183ms
31ms Stylesheet
text/css 13.226.145.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/v3/checkout/button.css

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-106.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data: blob:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;

Strict-Transport-Security

max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 06 Sep 2017 17:33:42 GMT
server: AmazonS3
age: 314
etag: W/"aa9c16d967e4074a065955880128c839"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 23 Jul 2021 14:12:52 GMT
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data: blob:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QOL0WyYzwXHof4Hf6r2_X_oZXDdC1JCOB8o-gmfh_YC-bW_BFg21yQ==

GET
H2 200 public.css
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/ 1 KB
765 B 29ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/public.css?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a46e573f9b9eb47cce21784e56cdee70b9fcb97081c541a82f7936c06f657053

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/css/public.css?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=1565
cf-bgj: minify
last-modified: Tue, 28 Jan 2020 00:07:50 GMT
server: cloudflare
etag: W/"5e2f7b56-61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FYrXArEyxu1oQj25c0dCSfMFbbi1EIhbhnzydqBCoYxi4E9imBOBbeFhXIxkyIcKJG38vOIRof2uc3x8IHW8R6iS1ODLXTzqKUPapl%2FOpFX1GK7rdjZ9xR0pPJOKVFmoPyf00dDECKVVPwV3G%2F4w5sz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fb01f51-FRA
expires: Fri, 23 Jul 2021 21:07:47 GMT

GET
H2 200 jquery-ui-cupertino.css
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/ 31 KB
8 KB 35ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/jquery-ui-cupertino.css?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde48b6e4d8cdc35254b1220b155dd3d995c283c6db0a8c05e200d820ae776f1

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/css/jquery-ui-cupertino.css?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=36696
cf-bgj: minify
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
etag: W/"5b43d166-8f58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZC2gb27pirbfg0XCDI331AX%2Bbmczz58bEXhAQvpp%2FMRexoCIclNJMOKwidjQqWZilaGqXxw299Hb%2B3Xm5fWlUKaPop81TJ%2FGkzBHz8XfoITkqT3cdIO2C2qFOXEQ2pRsA6adJp6AudD5t7uogof3a1a"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fb11f51-FRA
expires: Fri, 23 Jul 2021 20:32:16 GMT

GET
H2 200 public-pro.css
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/ 40 KB
4 KB 35ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/public-pro.css?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f8012f2773188bfefb79acfa30f77b08f3b5464aafa61426ed6d85a8ccfabf

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/css/public-pro.css?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=44214
cf-bgj: minify
last-modified: Tue, 28 Jan 2020 00:07:50 GMT
server: cloudflare
etag: W/"5e2f7b56-acb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btK4wQEgtBBOjReP1gn7oHUp2yZX48v07483kYFdGC711SpOLDwS%2FI5R%2F5BTREnq40lteLTUMjI1pXCKc%2BxHWZUORSOF3vdH7jLxSXrX4%2B0ZPGuEnute1RUQWoTHKolc8GdPOkiKlgWpScFDY1%2F8Xk6U"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6735883c5fb51f51-FRA
expires: Fri, 23 Jul 2021 20:27:21 GMT

GET
H2 200 jquery.js Show response
www.dailyfaceoff.com/wp-includes/js/jquery/ 95 KB
34 KB 39ms
31ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=96873
cf-bgj: minify
last-modified: Tue, 26 Nov 2019 20:29:13 GMT
server: cloudflare
etag: W/"5ddd8b19-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTypMoWhwaaUpDYNAGvuSnFExFDjQif4cuN4XjQ0b41VwcaOHC%2Fmzuq0Lox68AWNGzgPARNJiLllM2nayXUMbvfCLYXt7f22JjGjQ%2B%2BVCFMcLdMP%2B7bIlEydkonH8ExVizZbY8U6%2BiRTg2e7za6SbDqN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6735883c5fb61f51-FRA
expires: Fri, 23 Jul 2021 20:32:16 GMT

GET
H2 403 jquery.waypoints.min.js
static.thenationnetwork.com/js/ 0
0 77ms
16ms Script
text/html 2606:4700:3036::ac43:8e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thenationnetwork.com/js/jquery.waypoints.min.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.20/js/ 82 KB
28 KB 42ms
19ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.20/js/jquery.dataTables.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 28862
last-modified: Tue, 08 Jun 2021 08:47:53 GMT
server: cloudflare
etag: "1120cc2-14961-5c43d36ba6e16-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78b04e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 dataTables.buttons.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ 19 KB
6 KB 41ms
18ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/dataTables.buttons.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 6431
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "1121708-4c4c-5c43d36efaee6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78af4e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 buttons.colVis.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ 3 KB
1 KB 39ms
16ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/buttons.colVis.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78cf05d2f2213696f116bfd8f73837d54c7541fe75e5676301955bf7727203c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904201
content-length: 1026
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "11216f6-b59-5c43d36efa32e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78ba4e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:47:23 GMT

GET
H2 200 buttons.print.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ 2 KB
1 KB 39ms
17ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/buttons.print.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 27680
content-length: 1160
last-modified: Thu, 10 Jun 2021 17:20:57 GMT
server: cloudflare
etag: "11216fb-8fe-5c46c9d441c4f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78b34e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Jul 2022 06:36:04 GMT

GET
H2 200 pdfmake.min.js Show response
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ 1 MB
337 KB 20ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/pdfmake.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27670
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 344327
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f87-10af19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Boq1tGS%2FPV7jVE%2Fx5YcfIliBEXHv6MJZ1aKHlltDquohvsWR9hwXapsc4tk%2F7l0rZfe0AcfYt1lXRPll2B2Z9EkSwrnjvJC4JXfLLyCtC7RxQqvLjOHobbNboEgJTKcJGXDVZVikNBDtf8vdpuJa7Xzn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6735883c5d922b65-FRA
expires: Wed, 13 Jul 2022 14:17:25 GMT

GET
H2 200 vfs_fonts.js Show response
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ 905 KB
309 KB 28ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/vfs_fonts.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 148271
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 315755
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f87-e2214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzCiUI4hi59ZYNlMeOVva%2BmEP7PqFLquEjOPpTBmKzREjCRt7HdTXhLUCiYrcFfWPr9JNiqnQoEUW%2FD4LqSsSj01dZ20gQL166lQMQ90llC%2F32%2Bqak8EwIvfskt2r6YEFkOGl1yPkc0aBy8zlXuYwNA6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6735883c5d932b65-FRA
expires: Wed, 13 Jul 2022 14:17:25 GMT

GET
H2 200 jszip.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/ 100 KB
26 KB 28ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27665
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26506
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-18e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRIUJHeSP3pkcI5DkgsAnoIlKmA5LeCgJ1W4I5APuwgJfn5IQWnrplSdXu52gRIskAZJYH6lB2sUnGJlFnFfnJe05%2BePwqnNxew6jdFGSFykYhKyvTGXuSjkHDC38nFGPL3QezJwvlouQRd7iYLk5kbI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6735883c5d942b65-FRA
expires: Wed, 13 Jul 2022 14:17:25 GMT

GET
H2 200 buttons.html5.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ 24 KB
7 KB 44ms
22ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/buttons.html5.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904201
content-length: 6608
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "1121700-60be-5c43d36efa716-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78ab4e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:47:23 GMT

GET
H2 200 dataTables.select.min.js Show response
cdn.datatables.net/select/1.3.1/js/ 12 KB
4 KB 46ms
24ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/select/1.3.1/js/dataTables.select.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecd43325cc9334cd008f1f481269b67d84c6c270cf151d8f87f1d16c136f0ee3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 3941
last-modified: Tue, 08 Jun 2021 08:48:08 GMT
server: cloudflare
etag: "1141410-3106-5c43d379c3ac6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78aa4e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 dataTables.fixedHeader.min.js Show response
cdn.datatables.net/fixedheader/3.1.6/js/ 8 KB
3 KB 46ms
25ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/fixedheader/3.1.6/js/dataTables.fixedHeader.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be422e1151b16ac5eb1700627b2ba98777e5ffb4a2baaf7900a7def556adbc5f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 3181
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "1120265-21ef-5c43d36f4564e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78ae4e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 dataTables.fixedColumns.min.js Show response
cdn.datatables.net/fixedcolumns/3.3.0/js/ 18 KB
6 KB 38ms
17ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/fixedcolumns/3.3.0/js/dataTables.fixedColumns.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8a70b96b7ad7a1d0d5eaab27dc82ac9e576fffc4aa08ffbeed20b289cdf0ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 5839
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "112050f-48f4-5c43d36f0b49e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78b84e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 dataTables.responsive.min.js Show response
cdn.datatables.net/responsive/2.2.3/js/ 13 KB
5 KB 45ms
24ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/responsive/2.2.3/js/dataTables.responsive.min.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 3904516
content-length: 4594
last-modified: Tue, 17 Jul 2018 10:19:02 GMT
server: cloudflare
etag: "13e05e4-32e7-5712f46726cda-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6735883c78b64e3e-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:42:08 GMT

GET
H2 200 igsv-datatables.js Show response
www.dailyfaceoff.com/wp-content/plugins/inline-google-spreadsheet-viewer/ 1 KB
907 B 26ms
21ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/inline-google-spreadsheet-viewer/igsv-datatables.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccbe493a50455c56ed40e6de3c82c2ce76394d4b0557a1bc095af1755739ac9d

Request headers

:path: /wp-content/plugins/inline-google-spreadsheet-viewer/igsv-datatables.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=2433
cf-bgj: minify
last-modified: Wed, 04 Sep 2019 22:00:08 GMT
server: cloudflare
etag: W/"5d7033e8-981"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSrb5tafsKISIpgmt0rKIOyaqB70DaO5VhE38teGzEzCpPDfPKAmFU%2B25dhtO6whWeRYkq4spm2UTkRg4faHqXOf0qais6usY4evdWvgFweoiZq0dQxZEyrE2k5ThpQC%2FyGt9SAUwSXUIbinev6YYKhD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6735883c5fb81f51-FRA
expires: Fri, 23 Jul 2021 20:56:03 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi?ver=5.5.3
https://www.gstatic.com/charts/loader.js?ver=5.5.3

65 KB
20 KB

51ms
6ms

Script
text/javascript

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js?ver=5.5.3

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:18:34 GMT

Redirect headers

date: Fri, 23 Jul 2021 13:51:33 GMT
x-content-type-options: nosniff
server: sffe
age: 1552
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js?ver=5.5.3
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:21:33 GMT

GET
H2 200 igsv-gvizcharts.js Show response
www.dailyfaceoff.com/wp-content/plugins/inline-google-spreadsheet-viewer/ 2 KB
1 KB 29ms
24ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/inline-google-spreadsheet-viewer/igsv-gvizcharts.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ce69011a4d93821e9320528e9469d820d5123f5001b9a2ba61a97a54e93ad0

Request headers

:path: /wp-content/plugins/inline-google-spreadsheet-viewer/igsv-gvizcharts.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27680
cf-polished: origSize=4672
cf-bgj: minify
last-modified: Wed, 04 Sep 2019 22:00:08 GMT
server: cloudflare
etag: W/"5d7033e8-1240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFO3Sr1NSl7MJm3Me4MY39clF3tm9%2B0cqrO7XJV9ltEvkqKUsfBu8VfzKGmiVm5j64uvGXszz4r7F1nQN%2Fo2by3imUhVnkc3nhO91UBasw4Qs3OVhC5gI%2B1dPcVFemsxrsmKyNMHZh94QEL983RePuYZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6735883c5fb91f51-FRA
expires: Fri, 23 Jul 2021 21:20:49 GMT

GET
H2 200 squirrelly.min.js Show response
www.dailyfaceoff.com/wp-content/plugins/nation-infobox/js/ 7 KB
3 KB 29ms
25ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/nation-infobox/js/squirrelly.min.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dc47f10d71a5569c1f10825613dd354f8d3cfbb10b9b03cda275a117266ce27

Request headers

:path: /wp-content/plugins/nation-infobox/js/squirrelly.min.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2019 20:54:32 GMT
server: cloudflare
age: 29862
etag: W/"5d2ce808-1b56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxyXlkP1eN8PXBQm0Qcf2kIrRTTrPxsBH0x3qAbkuMf6mVkEdH1UASkdhh%2F%2F%2F5r4fjcyhZ4jAgFFKihwKoAehpjnpMMIY8dOeP3xs6Fn0eT5QZ%2FSLCB2rbUMvml696Hqo%2F9qKZHMNvCXXirFxWxGNGEz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6735883c5fba1f51-FRA
expires: Fri, 23 Jul 2021 21:20:49 GMT

GET
H2 200 tooltipster.bundle.js Show response
www.dailyfaceoff.com/wp-content/plugins/nation-infobox/js/ 50 KB
12 KB 31ms
27ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/nation-infobox/js/tooltipster.bundle.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 993e50674c3527ac48de4e9acf4473be966bd6b9d9ebd3d2132be1b008a1d789

Request headers

:path: /wp-content/plugins/nation-infobox/js/tooltipster.bundle.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=119776
cf-bgj: minify
last-modified: Mon, 15 Jul 2019 20:54:32 GMT
server: cloudflare
etag: W/"5d2ce808-1d3e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FW9nOkIso3cy25DiJg3e6paH133jlMcuiCQT1RLoog0YAjI2nHDKnT3ZSn%2Fx5O96X7hNnkhZrvc4NPyNbt8xqanOnDh3X2aOQ%2B4E986B0HWsEShhI7mCbhsNvgZzfcUA7ODkf%2B01vpBlmdgEe9pbmi%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6735883c5fbb1f51-FRA
expires: Fri, 23 Jul 2021 21:33:17 GMT

GET
H2 200 dailyfaceoff.png
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/img/ 12 KB
12 KB 58ms
31ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/img/dailyfaceoff.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcf797ecd41d505586912a9cb3d01745b0d2b51c98c2540d1f030a247020c6e

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/assets/img/dailyfaceoff.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75086
cf-polished: origFmt=png, origSize=17057
content-disposition: inline; filename="dailyfaceoff.webp"
content-length: 12136
last-modified: Thu, 04 Oct 2018 16:08:11 GMT
server: cloudflare
etag: "5bb63aeb-42a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dw8%2F3zZaXCZ0fnLwrlxhnhjfKarsxC7RRXfulOI9JCbhQsXmF5%2FzTlgrlypvw7syJuQNefVaTBWWXsT06H%2BGHrtSxgz1PgdxFpzKRhXgej1ntOc4DVICUTeVilfFSgjeMDN3aeKGc%2BFz6AJ%2FlOb6B8PB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 22 Jul 2021 21:04:14 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 67358845dd2a1f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 E63NaRAUYAIce9b_727x404_acf_cropped.jpg
i1.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 23 KB
23 KB 324ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/E63NaRAUYAIce9b_727x404_acf_cropped.jpg?resize=727%2C404&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

53a370fc8241711b302c1340a0f148db13da2c1140b17409c90099be23fcf9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 05:06:46 GMT
server: nginx
etag: "2831bc51c7e32891"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/E63NaRAUYAIce9b_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 23182
expires: Sun, 23 Jul 2023 17:06:46 GMT

GET
H2 200 USATSI_16381390-1_727x404_acf_cropped.jpg
i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 17 KB
18 KB 406ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16381390-1_727x404_acf_cropped.jpg?resize=727%2C404&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

eda771665b379bb77c6a31f035763abedf802f3a449b2f93f56008a36f2925fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 20:18:27 GMT
server: nginx
etag: "53e2004c1a97ee53"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16381390-1_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 17768
expires: Sun, 23 Jul 2023 08:18:27 GMT

GET
H2 200 USATSI_15685723_168383996_lowres_727x404_acf_cropped.jpg
i1.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 27 KB
27 KB 303ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_15685723_168383996_lowres_727x404_acf_cropped.jpg?resize=727%2C404&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8d46618ce901aeccf7c90efc4bffd370de33a79ae3d40156421dd0c3cf7b1216

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 18:30:29 GMT
server: nginx
etag: "c106bf18a65d6a10"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_15685723_168383996_lowres_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 27204
expires: Sun, 23 Jul 2023 06:30:29 GMT

GET
H2 200 PP-Horiz-300w-300x94.png
www.dailyfaceoff.com/wp-content/uploads/2019/08/ 5 KB
5 KB 30ms
25ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/uploads/2019/08/PP-Horiz-300w-300x94.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456243f40e809b7721ad7c3ed956c6b45836f8b5d9ab5ef07f017d9484e1801a

Request headers

:path: /wp-content/uploads/2019/08/PP-Horiz-300w-300x94.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32971
cf-polished: origFmt=png, origSize=5430
content-disposition: inline; filename="PP-Horiz-300w-300x94.webp"
content-length: 5032
last-modified: Wed, 14 Aug 2019 16:32:24 GMT
server: cloudflare
etag: "5d543798-1536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yBix0p0AIkkSbmSbBaQidqd2YXeEa6xy%2FUIhiMitkvFh7YxLtNTXipENaZOBTKA64vH2xeMUw8kUb8nmKNYFJPLM%2FWeDqpXDErgmocrJWrK8tvlxudeeEmFLTu5xhIsAwJTGQKdyxNBJ7%2FZ7mLZ28xZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Jul 2021 08:22:05 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 67358845dd2c1f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 New-Project_727x404_acf_cropped.jpg
i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 14 KB
15 KB 272ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/New-Project_727x404_acf_cropped.jpg?resize=474%2C264&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1ff7060257d37142f4fa30eb38912e2f09e94ef162a6d550371b03faf017f72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 05:06:46 GMT
server: nginx
etag: "7dd46c0744519c6d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/New-Project_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 14526
expires: Sun, 23 Jul 2023 17:06:46 GMT

GET
H2 200 USATSI_16180391-2_727x404_acf_cropped.jpg
i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 16 KB
16 KB 278ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16180391-2_727x404_acf_cropped.jpg?resize=474%2C264&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e9ce0f8639b3a7865040cfbc86ba05406bfcf1b3d0c7074ad1f459b3a54a99d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 20:18:27 GMT
server: nginx
etag: "60a8afe476abc75d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16180391-2_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 16712
expires: Sun, 23 Jul 2023 08:18:27 GMT

GET
H2 200 USATSI_15856176-2_727x404_acf_cropped.jpg
i1.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 137 KB
137 KB 190ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_15856176-2_727x404_acf_cropped.jpg?resize=474%2C264&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ae7fb1bb6d8475842893c8968f796bbd629985c99e389072f6282bd0d9f1b1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 19:06:00 GMT
server: nginx
etag: "cd60585778252c52"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_15856176-2_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 140098
expires: Sun, 23 Jul 2023 07:06:00 GMT

GET
H2 200 Eichel-Jack_727x404_acf_cropped_727x404_acf_cropped_727x404_acf_cropped.jpg
i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 18 KB
18 KB 278ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/Eichel-Jack_727x404_acf_cropped_727x404_acf_cropped_727x404_acf_cropped.jpg?resize=474%2C264&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ea94775b0564f993f291c7b6a187429dfd6396c8e43c018a3eb8b129f9cf7f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 17:59:42 GMT
server: nginx
etag: "7f028a15ea7af4b3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/Eichel-Jack_727x404_acf_cropped_727x404_acf_cropped_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 18234
expires: Sun, 23 Jul 2023 05:59:42 GMT

GET
H2 200 USATSI_15802795-2_727x404_acf_cropped.jpg
i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/ 9 KB
9 KB 305ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_15802795-2_727x404_acf_cropped.jpg?resize=474%2C264&ssl=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c9e8c02ba8c301b62c5a0d210e97461bfb5f6affe75b5d0199e473f005f8e204

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Fri, 23 Jul 2021 14:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Jul 2021 17:37:48 GMT
server: nginx
etag: "81a627a0b5d79541"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_15802795-2_727x404_acf_cropped.jpg>; rel="canonical"
content-length: 8956
expires: Sun, 23 Jul 2023 05:37:48 GMT

GET
H2 200 goalie-start-icon.svg
www.dailyfaceoff.com/images/quick-links/ 100 KB
75 KB 67ms
25ms Image
image/svg+xml 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/images/quick-links/goalie-start-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde7a5209b17fe2d40b7bfe38900ec8c46571e4e52132bf9d1ea90d40230890f

Request headers

:path: /images/quick-links/goalie-start-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
age: 80286
etag: W/"5b43d165-190b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCR%2FrmJt7KyET6319Us%2Bz24PZXDw8iyQ5jTvIvUb09Nw1%2BGDNNlt%2FX0QPab8xmitk3OncWl25bp9UBodupSqmtYtjp65K1tgL4SjDwK7qjz07%2BrTf9heBLSPn2xcuNKIz5lAlgpiiyubXKiVMXXDtXCm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 673588466deb1f51-FRA
expires: Fri, 23 Jul 2021 15:59:20 GMT

GET
H2 200 line-change-icon.svg
www.dailyfaceoff.com/images/quick-links/ 4 KB
2 KB 59ms
18ms Image
image/svg+xml 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/images/quick-links/line-change-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abef7835e2dd6a272c1fe6feb28a51958015663cb0bd7f5e7514406bd6aab48a

Request headers

:path: /images/quick-links/line-change-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
age: 80286
etag: W/"5b43d165-ff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaiIF9w4c2UAu1h6ZjmqKmX2CoVbxbQmkca2pfHa8%2F3DXGYN217rNgjrwT53y9LqumWhtNI47jr3NssoGj4%2FgBlK57n4H95xKfMrk6gtixY0lNd564X%2FzzJZT1TpTTlj64GPzuZ1haT%2B8CyxVSWqNOTO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358846ce7f1f51-FRA
expires: Thu, 22 Jul 2021 18:26:46 GMT

GET
H2 200 injury-icon.svg
www.dailyfaceoff.com/images/quick-links/ 4 KB
2 KB 57ms
17ms Image
image/svg+xml 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/images/quick-links/injury-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 376a82afb13703446a6c306ec6448ee30697d7e8125991716aecee82e6b3e06a

Request headers

:path: /images/quick-links/injury-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
age: 80286
etag: W/"5b43d165-e5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1CVzTiwmFxuz3MDhb4fe8KBR7UtHPh5oKnKB2bAIAxHQH4hIMmeKTkqH3yQ1vpeQDugS0KT%2FHVa%2Bx249L%2FiMEcBfFmaFgrb9LH5McIUpSJyJWqJszFOWix0zRw59DuHJPvW0sqEPwA%2BmOK54rBb56%2Bj"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358846ce831f51-FRA
expires: Fri, 23 Jul 2021 08:37:11 GMT

GET
H2 200 roster-moves-icon.svg
www.dailyfaceoff.com/images/quick-links/ 6 KB
2 KB 60ms
18ms Image
image/svg+xml 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/images/quick-links/roster-moves-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35b6e95475b106b5d5a58ce9e465adb8692f2b16c5e50e2e27278d976f2230f0

Request headers

:path: /images/quick-links/roster-moves-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
age: 80280
etag: W/"5b43d165-1644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANSnSQ85ogb7js11YO6SbS2BMCIMNY5mdNSJntypUdIM20tX5AVXChdC6lm3bW4hIsmSOZbr2Dg%2BI5CKwXv%2FszlKqlxShFBX7P7a6WZehJPea2IG08xFIDkAw01JbKIipCNFfGlfWPLCqLX6n6dH8Kja"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358846ce871f51-FRA
expires: Fri, 23 Jul 2021 02:08:32 GMT

GET
H2 200 trade-icon.svg
www.dailyfaceoff.com/images/quick-links/ 5 KB
2 KB 59ms
18ms Image
image/svg+xml 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/images/quick-links/trade-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e921d71ae99a687ef4e9b85d43a2495cdcb2d76a934d890c6859f4dbd484267

Request headers

:path: /images/quick-links/trade-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
age: 80286
etag: W/"5b43d165-1570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWf2xmA9e0in98dmZHwpca3t%2F%2BqA5IE0AncdCvegrsljq3LHSkgMuvXaf%2BwcR9d1Efn44i%2Fynl03qr1RTp3wLi6mTCXBUKCBM9kQMCKmtOK%2BRZe9iSnW9qRxxOOGLavoIQ5lydyJ5%2BRtscQLSb%2Bqx9uO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358846ce881f51-FRA
expires: Fri, 23 Jul 2021 04:10:43 GMT

GET
H/1.1 200
OK embedcode.php Show response
embed.sendtonews.com/player2/ 81 KB
26 KB 539ms
209ms Script
application/javascript 54.243.196.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player2/embedcode.php?fk=0LyMZWq5&cid=8803&floatwidth=400
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.196.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-196-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: fa8431f7f37cd46c0f72fbb5cd0965c4eaa8657dbabfeb94e7e641d237c8feb4

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 26262
Expires: Fri, 23 Jul 2021 15:17:25 GMT

GET
H/1.1 200
OK 30004001.png
s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/ 11 KB
12 KB 827ms
195ms Image
image/png 52.218.181.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/30004001.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.181.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7bb614be4ecbb3056cdccbcc0dba57a7b2733f0230bb792673bea807bf4a2aa9

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Last-Modified: Sat, 17 Jul 2021 22:21:16 GMT
Server: AmazonS3
x-amz-request-id: 3MWYMCZDYKW0YX6M
ETag: "afe65b62ffcc684595f0c1a2e5a66146"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11541
x-amz-id-2: 9veAyRM1pjmwAo7Smsof1axblxD6juU6YpCYLlvBGt8SoB3Uj8kpf0AWEu6dzY8D1fkWGQ38Ep8=

GET
H/1.1 200
OK free-agent-icon.svg
api.dailyfaceoff.com/uploads/news_category/icon/4/ 3 KB
3 KB 547ms
161ms Image
image/svg+xml 104.248.66.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.dailyfaceoff.com/uploads/news_category/icon/4/free-agent-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.66.5 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e76997709f36eff0c723a196f78c99cc6ea7a65fa85a9349a7445ddb15c7fedd

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:27 GMT
Last-Modified: Fri, 11 May 2018 20:51:15 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5af60243-a3d"
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2621
Expires: Fri, 30 Jul 2021 14:17:27 GMT

GET
H/1.1 200
OK 30003481.png
s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/ 12 KB
12 KB 779ms
199ms Image
image/png 52.218.181.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/30003481.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.181.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c0544eee057da1de2dd39ce4d0e674456b5cd8b66fc3477a75f97566a0ade5a

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Last-Modified: Sat, 17 Jul 2021 22:24:05 GMT
Server: AmazonS3
x-amz-request-id: 3MWWJJME4EBW4ZFQ
ETag: "a68df69ae161020e2780e30c866b3cf5"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12404
x-amz-id-2: vIQqqYU07RGBrtFTkzrOntnRQQgYsVQm/pXayqGfs5ovlqBGLjyVKu+Ja6DPmQ7y37+LknqZ3Rs=

GET
H/1.1 200
OK 30003358.png
s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/ 12 KB
12 KB 713ms
207ms Image
image/png 52.218.181.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/30003358.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.181.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8949c816697c8c83c9667d3a01af9f89043a9bd20777109a172e080ea0064b5a

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Last-Modified: Sat, 17 Jul 2021 22:24:29 GMT
Server: AmazonS3
x-amz-request-id: 3MWGKQX7R6385D72
ETag: "cba974e1f7408e9654b227ade7c7659f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11894
x-amz-id-2: RaChOVaFxdwwazvx1hvO8bWChgtux8xusIJT0v6SAtXjrXWVMjfeezl+fep9zCQDrIqncm8OORE=

GET
H/1.1 200
OK 30001192.png
s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/ 11 KB
12 KB 715ms
190ms Image
image/png 52.218.181.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/30001192.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.181.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee259d670caa88402185e7a3c9291ed361be957afa60443456a350091172a424

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Last-Modified: Sat, 17 Jul 2021 22:31:36 GMT
Server: AmazonS3
x-amz-request-id: 3MWGV7H84DQZNWXX
ETag: "9479234a11b1dec25fd9e7c1ce4d15b9"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11548
x-amz-id-2: 3ZqHmw7PdCSt+HMnTv7ShkxdQkaGAJ0z33yIZLTEr9LuPOcqv58xArx/5ILT0iFNiMVpOBzOFiI=

GET
H/1.1 200
OK trade-icon.svg
api.dailyfaceoff.com/uploads/news_category/icon/5/ 5 KB
6 KB 488ms
158ms Image
image/svg+xml 104.248.66.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.dailyfaceoff.com/uploads/news_category/icon/5/trade-icon.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.66.5 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6e921d71ae99a687ef4e9b85d43a2495cdcb2d76a934d890c6859f4dbd484267

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:27 GMT
Last-Modified: Fri, 11 May 2018 20:50:56 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5af60230-1570"
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5488
Expires: Fri, 30 Jul 2021 14:17:27 GMT

GET
H/1.1 200
OK 30000914.png
s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/ 11 KB
11 KB 619ms
187ms Image
image/png 52.218.181.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/static.fantasydata.com/headshots/nhl/low-res/30000914.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.181.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c979e3ea6339718acfa9346691a7a62a648c62536ed9e8711838f391ea52c63

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Last-Modified: Sat, 17 Jul 2021 22:34:39 GMT
Server: AmazonS3
x-amz-request-id: 3MWRXDHBP3TCF4F4
ETag: "f93c6397f97fc498efa0523567677774"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10904
x-amz-id-2: uGXrDAnGUvLsoQ1oWmn/vkVil/NBHC0wG55BWYTDVOQfLS99aIzEm9FsfkvXJYqltxKDXHNCCpE=

GET
H/1.1 200
OK Nedeljkovic-Alex_CAR_.png
api.dailyfaceoff.com/uploads/player/headshot/2727/ 31 KB
32 KB 610ms
299ms Image
image/png 104.248.66.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.dailyfaceoff.com/uploads/player/headshot/2727/Nedeljkovic-Alex_CAR_.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.66.5 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f6d8e1041fda3bd8df67117d160f5d0e57d2585b5e68ff3429baf04181722002

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:27 GMT
Last-Modified: Wed, 23 Jan 2019 19:33:07 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5c48c173-7dbe"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32190
Expires: Fri, 30 Jul 2021 14:17:27 GMT

GET
H2 200 NHL Show response
odds.oddsshark.com/rop-widget/612/ 16 KB
2 KB 431ms
117ms Script
application/javascript 107.22.147.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://odds.oddsshark.com/rop-widget/612/NHL
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.147.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-147-121.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 866d450018a5401c779a2555b6e9e84f046307c5089e3b534c0b15e6f529559d

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=300, max-age=1209600
content-length: 1939
expires: Fri, 06 Aug 2021 14:17:27 GMT

GET
H2 200 vendor.min.js Show response
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/js/ 102 KB
36 KB 23ms
22ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/js/vendor.min.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b9259d35e7b12826b38db61a542f3a4f4ff7cba5a41662683f0a0c5ddbb81d

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/assets/js/vendor.min.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
age: 13446
etag: W/"5b43d166-1970c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VkUdfPww%2Bd%2F6IHb08Zxu%2BNur2inINkMaDzCGdXdr7sKltZfSblPBnev9sM1gYU%2B6zscMLnwp%2FyPNsYrkcWRZpX6wrKvNm9BTiHPq9MnszLy70W5S%2BnYy9842PKgoULrelC9jQiJctDEgoBqh9Ri%2BQ%2B4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6735883eeb551f51-FRA
expires: Fri, 23 Jul 2021 20:32:16 GMT

GET
H2 200 app.min.js Show response
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/js/ 7 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/js/app.min.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfde568ba652fa6211b4979a28d37c51f4683fdbcc824c4877b9746c3fb5974b

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/assets/js/app.min.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
age: 60247
etag: W/"5b43d166-1c14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEXShhB5ZROJxtxaw75rOsRacbBXLjz1KVneua3aZENdhCYkGxiohHbDs%2BCdhhjmzA9tD6fDIbSCNoWn9mdukuWg1hC36hHH9k9099ybZtAr%2B2oN5xYWdAYekbhomdLMQsUWJMEml6SudO%2F189H0ozpv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6735883f7c091f51-FRA
expires: Fri, 23 Jul 2021 04:01:18 GMT

GET
H2 200 navigation.js Show response
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/js/ 2 KB
1 KB 34ms
15ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/js/navigation.js?ver=20151215
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbcbc42617c3c384b24f25a42e3166d8607750b5e62dd9e7357b86681c552b9

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/js/navigation.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2412
cf-polished: origSize=3206
cf-bgj: minify
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
etag: W/"5b43d166-c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Npu%2BCI4mdoHIqz3Vjz2IlhkyDBdhW9nq2cjmbNzrWR1LcaNbNkrOnEKmrFzIhP9ynouXaYySVjWyIsMdY80jWA8tZ2w%2B4SGU3zre%2FJvOO%2FjwFuFkiaF%2BoVHMWHtXeTI8sL2n8GSIkfG5Z5uETQk6aLd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358844fbde1f51-FRA
expires: Sat, 24 Jul 2021 03:42:16 GMT

GET
H2 200 skip-link-focus-fix.js Show response
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/js/ 582 B
582 B 46ms
25ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f6bd5c4d72b87f811178633afc64659a36d24c0f7a256e641b7bb6f1d2e6d9

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/js/skip-link-focus-fix.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=880
cf-bgj: minify
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
etag: W/"5b43d166-370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS9uO7X0hbqx7c2Lo%2FDsYDalmvsXB7i4COOTLRaVKmh4XB3S0szQJOMZKjBraIi86S0a4rYH4T22spag3mN3piBZpjYbsJAYLahp%2FXbMyL2Jmilnpq9KisAwPTAJL6EN5Y5nmGdrkFsHahQPzC%2BosZj3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358844fbe61f51-FRA
expires: Fri, 23 Jul 2021 04:01:18 GMT

GET
H2 200 scripts.js Show response
www.dailyfaceoff.com/wp-content/plugins/contact-form-7/includes/js/ 10 KB
4 KB 44ms
24ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.2
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626e83a8a2d5bceefe3accf98722f8538b07db7a3de1f801ca13828448d00bf5

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-bgj: minify
last-modified: Mon, 09 Jul 2018 21:19:33 GMT
server: cloudflare
etag: W/"5b43d165-295c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwvrO06o3Ve%2BYM5I6faOyHN4AafSIQgnGOz7THqDkWQpv0wBDFhEnzLmUZvESRj6No3VcmbAdZHxpPWLHVQzP87Bv5q0Od63YwYbRtfBA25WeGBHh0sF7CpzZzez9PhRk%2FOkYfHzFWEKXr%2FBrALz3nhC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358844fbe71f51-FRA
expires: Fri, 23 Jul 2021 20:27:21 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 97ms
15ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202129
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: gzip
server: nginx
etag: W/"60aef168-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:24:03 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 228 KB
57 KB 193ms
37ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7836d6b7b8bb6c4aebe9f2257aa1aab59cc3defae83b972e38a1c184411fb99

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
vary: Accept-Encoding
age: 112
via: 1.1 varnish
x-cache: HIT
content-length: 57955
x-amz-id-2: bDmmgkQy4c99ZlxAk5RNWMZk6hRgeRAGYCorGxCZIN5F4tzJprKayz8PJq5QDzA3Ak7t5USmmg4=
x-served-by: cache-fra19127-FRA
timing-allow-origin: *
last-modified: Thu, 22 Jul 2021 18:34:18 GMT
server: AmazonS3
etag: "6c86b72e94215d037067f11cc6d2fd4e"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 5FN3JR79CHGR8Z7T
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 34

GET
H2 200 accounting.js Show response
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/vendor/ 5 KB
2 KB 44ms
25ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/vendor/accounting.js?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d776dfb7de26bd8850b7bad1aeebbe8e86e2cb48a5d0c9908e90b77c78d06d

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/js/vendor/accounting.js?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=13504
cf-bgj: minify
last-modified: Tue, 28 Jan 2020 00:07:50 GMT
server: cloudflare
etag: W/"5e2f7b56-34c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SQZnGZkI9SfsLuLqh6pbXovbGebK96areHVIo3Hpbe8Sci1iUZPr77OzPEzS0BA1tjhVFjv5qN2NY3vEJiIMHPDqNJKPADH%2FLFBDn%2FNz386m5NYDH2HQhs01%2BiptpB%2Fgc9G8ifKHz0xf64ee1nNUJt3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358844fbe81f51-FRA
expires: Fri, 23 Jul 2021 20:20:53 GMT

GET
H2 200 shared.js Show response
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/ 2 KB
1 KB 57ms
38ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/shared.js?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4932ec17fa2424bffa8517ae3daef7c4971ab112f201aed6f17fbb5f4c214de5

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/js/shared.js?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 63865
cf-polished: origSize=4848
cf-bgj: minify
last-modified: Tue, 28 Jan 2020 00:07:50 GMT
server: cloudflare
etag: W/"5e2f7b56-12f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3H%2F5awf6mA1HKj25SvQPdn72Vv1%2FOGuMBELGbON3gMNLE2SlgeWe8HtwDli3T1HUQMBigTFyiTavHPF4bt00UDWt8DZBLU4T9d51V93%2BHcWIhoL0wsiXOlWANORP6ZCXYwyX4RkNsG53l10JzT%2BD%2FXh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358844fbea1f51-FRA
expires: Fri, 23 Jul 2021 08:19:14 GMT

GET
H2 200 underscore.min.js Show response
www.dailyfaceoff.com/wp-includes/js/ 16 KB
6 KB 48ms
29ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Nov 2020 22:00:36 GMT
server: cloudflare
age: 13447
etag: W/"5f9f3004-3f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaLrw8NlyaGwCqm7Otu%2Bi3oqj9XLQf4NNZq%2F8aPGuVWF%2Fl6MSHctbTZo3bxXuerPX5N3SQ7w%2FRij6lerLanGq4NNdJVjgIvyMLFu7siun6q3YOvPWolhjbeZ0JF2Njg%2F%2Ffvr1YHuBk%2FQpDbap2SLx497"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358844fbeb1f51-FRA
expires: Fri, 23 Jul 2021 20:32:17 GMT

GET
H2 200 backbone.min.js Show response
www.dailyfaceoff.com/wp-includes/js/ 23 KB
8 KB 47ms
16ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/backbone.min.js?ver=1.4.0
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 672696c6749ac10fa4aafff0e8a319f469244f4740eff57fe81fdbf43ce60a22

Request headers

:path: /wp-includes/js/backbone.min.js?ver=1.4.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Nov 2020 22:00:35 GMT
server: cloudflare
age: 13447
etag: W/"5f9f3003-5da3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tycnSxfPyXm%2B43HlgtdMTL7chL2z0tsgb7R8WRW06N2aZtzjhhotFnX8nDjhl6I2lTTYZdyTodJOvMezF%2F8AggXbOdqSoURaFAFfHFGfDuX2sBeejgUafUMzLSsRAMEugHMmtOzFPhCZofxwaZ5TmnLM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 673588453c3a1f51-FRA
expires: Fri, 23 Jul 2021 20:20:53 GMT

GET
H2 200 api-request.js Show response
www.dailyfaceoff.com/wp-includes/js/ 1 KB
942 B 51ms
27ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/api-request.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb41c284825696d4099e36876120b494700a2e97d2405ba44ef95802fdf3a790

Request headers

:path: /wp-includes/js/api-request.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=2655
cf-bgj: minify
last-modified: Sun, 01 Nov 2020 22:00:35 GMT
server: cloudflare
etag: W/"5f9f3003-a5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx%2FF9q4QZnga2aPn6XJqYrlIVGm6eXyWdeir2aPWPQqKWoEjZ16fFQL4VkuSR2RNGKW7j4LzOQdJCwtKgCsTiuDhjmLUSAio1ZP6EdO%2Bw0rCbLibfxiiJBphdfSxODIoSaKg3iq1zWoocykDi9AbUnMc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 673588455c651f51-FRA
expires: Sat, 24 Jul 2021 04:09:09 GMT

GET
H2 200 wp-api.js Show response
www.dailyfaceoff.com/wp-includes/js/ 21 KB
6 KB 52ms
29ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/wp-api.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef54283f20a073cabd9c3b9a9d3045064b444b01cbe4533d3c0d82e602530c7

Request headers

:path: /wp-includes/js/wp-api.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=46744
cf-bgj: minify
last-modified: Sun, 01 Nov 2020 22:00:36 GMT
server: cloudflare
etag: W/"5f9f3004-b698"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFMr51Jq3CiiQelwvvyaK%2FdQ6sljPWkptyBhE0O%2FSqTWLjTskOnE2K7deSQOX%2B%2F%2BmcdV%2BeOQUf316Mm7XtbPB9s7OHf%2FdAXhTXKf96P7sEmxt1EDtizfLaZXN8qIPcSLhU4lyHpY1uBrKnHfefapP4%2By"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 673588455c671f51-FRA
expires: Fri, 23 Jul 2021 19:25:47 GMT

GET
H2 200 public.min.js Show response
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/ 24 KB
9 KB 51ms
28ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/public.min.js?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a830e6228641b7ef520d2fef6fb5a1d4fe1090d43131db4dbef7b64f06c7fe4f

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/js/public.min.js?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jan 2020 00:07:50 GMT
server: cloudflare
age: 60248
etag: W/"5e2f7b56-5fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUq2hoxDvOSveqVWPBoCVdB8CnyFd8KndONZEahrdHYOdKWwRFSkA33BfNvI1UABdySIXN4WwZrySvdmEKZnapFrk0M%2ByE6SsxeSmymvk8cT2SQSuQ0pZuo68WOgzlMiSBi8H%2B1VFFwmaP%2BKPkPS1EFV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 673588455c6a1f51-FRA
expires: Fri, 23 Jul 2021 20:32:17 GMT

GET
H2 200 core.min.js Show response
www.dailyfaceoff.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 63ms
42ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 20:29:13 GMT
server: cloudflare
age: 60248
etag: W/"5ddd8b19-f5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8HZX%2BMNGaNBsfvs6KxrcNELL9FADRZhTrjhaL0tX7ANjQHXaXdZxbY%2BXc7T%2FMoKb15ZqBuEwIVUVomDNmcCEcofFcltEhcMUmMEjZaRMmWMTH5qmY5Mz%2FlVq164XfJbGnLub0ZX2e3lbTvuwJWktNua"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 673588455c6e1f51-FRA
expires: Fri, 23 Jul 2021 16:27:49 GMT

GET
H2 200 datepicker.min.js Show response
www.dailyfaceoff.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 38ms
27ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d249bab4461fa4adc1fab32de3371bf64689f83b9d77929279fc7e4af7d929

Request headers

:path: /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 20:29:13 GMT
server: cloudflare
age: 9644
etag: W/"5ddd8b19-8e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TG92BGMaBf1cr1LHW2XqRoL0%2BaveQIszkUlxQ1exzuIByj6iCJCKet5pO0ykrcCQcGcU0uCPhVGBnX%2FQ9oE1qR4c5i%2FJHBx0t8k%2FgcRehk0uGjGOxh3XR8jQLjRQvRYsx5OdPX%2B0qKfkwRc%2FNqwIkBhf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 673588456c801f51-FRA
expires: Sat, 24 Jul 2021 04:09:09 GMT

GET
H2 200 public-pro.min.js Show response
www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/ 50 KB
16 KB 60ms
17ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/public-pro.min.js?ver=3.6.8
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6831eb5c769f149e2ec4e7e8f50e47d8d14566bd7404818090cd31f338614e2

Request headers

:path: /wp-content/plugins/wp-simple-pay-pro-3/assets/js/public-pro.min.js?ver=3.6.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jan 2020 00:07:50 GMT
server: cloudflare
age: 60248
etag: W/"5e2f7b56-c933"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHWJvVzXsf5UudUt40W6swlATHyA7XtNJERCx0YeYjDPveAIYH%2FsEVaJNGnqTowKcnJc0VxeifsK9xQ%2BBEsE59mkVy%2FD40KcXzWOBWphAjTLmg7Gr9vLAdjI6UyV0wRWVljsGTnOHhsRYLKZFTl1AkbS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358845bce61f51-FRA
expires: Fri, 23 Jul 2021 20:32:17 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 23 KB
7 KB 77ms
6ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Julaa
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 30 Jul 2021 14:17:26 GMT

GET
H2 200 wpgroho.js Show response
www.dailyfaceoff.com/wp-content/plugins/jetpack/modules/ 795 B
903 B 56ms
27ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423b8c827f2ce3b6d0d21b741afb078cc2b4393fef723ab44cc5b78de266cd34

Request headers

:path: /wp-content/plugins/jetpack/modules/wpgroho.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=1070
cf-bgj: minify
last-modified: Mon, 25 Nov 2019 22:12:25 GMT
server: cloudflare
etag: W/"5ddc51c9-42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYBLqu8ymHhODEHIAHS%2BpwmZlvCq%2BZ6chePx4SIAeq5KowPBK5Hd4LY28DvI5lyF0wZz2LWrLW3BUUTgces2gLXvMgljoZBHrM5Q%2F%2FzI5Jr9gNnGZ339MirXgVeD%2FIi3eynfJ9YWLTlkORlFITSrTm0M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358845cd0a1f51-FRA
expires: Fri, 23 Jul 2021 20:20:53 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
www.dailyfaceoff.com/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 56ms
28ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path: /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 17:02:15 GMT
server: cloudflare
age: 2411
etag: W/"5ddd5a97-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIhu57QxNO68oHRbK3fvv8HSpZ5vwp6EcVNBaWSEPq0m0iL59Wgn%2FfLAQH8e2yvsMI7E3LuLR106xPmTC%2FEMWTm5d3IGOcBLiZ83qEQWEje4ufTv2btYGIU%2FqQ26XvNHuYgTDXY9dVymhTX9wfe0peAf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358845cd0d1f51-FRA
expires: Fri, 23 Jul 2021 20:20:53 GMT

GET
H2 200 wp-embed.js Show response
www.dailyfaceoff.com/wp-includes/js/ 2 KB
1 KB 63ms
36ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/wp-embed.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db22b37c49a446a4aa73ef0938ef6bbff3f77224aa8412606eebd73f78816547

Request headers

:path: /wp-includes/js/wp-embed.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=3214
cf-bgj: minify
last-modified: Thu, 25 Apr 2019 22:17:11 GMT
server: cloudflare
etag: W/"5cc231e7-c8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtjBS9hqef3Q0da%2FQAFV2FzjIF7fTGtzDwdcy04kY%2BHfLlZQiYWviekcFUUIlRV0CfX7yKtj5LAHOENH65rp6feTCV86BiXTuepzV46DOw25v9ZIEAdc5N8kiY69Sp5VTJJ%2FLx1Z13K5Dz4zD7NirFSY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358845cd0f1f51-FRA
expires: Thu, 22 Jul 2021 20:10:56 GMT

GET
H2 200 nation-infobox.js Show response
www.dailyfaceoff.com/wp-content/plugins/nation-infobox/js/ 1 KB
903 B 63ms
35ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/plugins/nation-infobox/js/nation-infobox.js?ver=1.0.9
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63beb36407e0bf39b60ee651a5888c04df3c6b5f3a681ee2fdc5679dc9c67bfa

Request headers

:path: /wp-content/plugins/nation-infobox/js/nation-infobox.js?ver=1.0.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=1346
cf-bgj: minify
last-modified: Tue, 23 Jul 2019 21:30:40 GMT
server: cloudflare
etag: W/"5d377c80-542"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYd0Ol1F4E%2FDe9l9IHbO5RA9xx6LSlTzLUCwOq%2FCAI64nph9GWKBdIrOYhvcVO8Rn%2BPpnEqQJfPFHehAdN3w0OswLljnTJYXYD1zL0vd1AjKk837OrBnENONcMq9%2Bs%2Bj9h8v3APFqZVWjzJAQ8mMcmo4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 67358845cd111f51-FRA
expires: Fri, 23 Jul 2021 21:33:18 GMT

GET
H2 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 48ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:26 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 164 B
142 B 75ms
42ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dailyfaceoff.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

039cabb7dc5d7ba87d8176fe8a5052c8119ebe1bca6cfa913acf5e904a7007a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:25 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 44ms
21ms Fetch
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s.dblks.net
URL: https://s.dblks.net/ff/db.2633921.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 14:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 2795897176552484486
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:25 GMT

GET
H/1.1 200
OK report_metrics.js Show response
s.dblks.net/ff/ 7 KB
3 KB 113ms
106ms Script
application/javascript 199.212.255.151
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dblks.net/ff/report_metrics.js
Requested by: Host: s.dblks.net
URL: https://s.dblks.net/ff/db.2633921.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.151 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3fd4d7f1df68d5b4ef31162bd7e589dc1eac4baaa4cf94d536c2a08b479e9577

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 18:03:17 GMT
Server: nginx/1.16.1
ETag: W/"60f70fe5-1afa"
Transfer-Encoding: chunked
X-FW-Version: modern
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dailyfaceoff.com
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
51 KB 48ms
40ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TB47RXZ

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ef7649410c6da9430a5066979a841d38aca11282554cee26dfe241f7c60c329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52018
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Jul 2021 14:17:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 15ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: P3urAxc7Sbb+CIpNGeeUtBGFVkVaGY7s+1HYcvTT1l7QXWIKOfaNRjQNgN6z7Xb3evEE0hKIzTXpHwQUsW2ZiQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 23 Jul 2021 14:17:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/thenationnetwork-network/ 299 KB
29 KB 141ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/thenationnetwork-network/loader.js
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06f856a3da9f0e964bd4058c36b9385dc889acfaf86031e2213c1c5992c8f2bc

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HRUIiFLb.fO99d9eCThzNTvkwJYLHZ3i
content-encoding: gzip
etag: "a5ef4fb81b457e9cabfc038cee5a3276"
age: 83
x-cache: HIT
content-length: 29488
x-amz-id-2: Ct0E8rKzIRsUFFdTZxfo+byNgWtPCdOWAp2MQ9RddKF17IHy1Dz7mWdNM4rb5716xRmmhu1j0XQ=
x-served-by: cache-fra19141-FRA
last-modified: Thu, 22 Jul 2021 08:48:39 GMT
server: AmazonS3
x-timer: S1627049847.000001,VS0,VE1
date: Fri, 23 Jul 2021 14:17:27 GMT
vary: Accept-Encoding
x-amz-request-id: BFG8HWJYYNPCYS2R
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 49
x-cache-hits: 1

GET
H2 200 twemoji.js Show response
www.dailyfaceoff.com/wp-includes/js/ 13 KB
4 KB 43ms
36ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/twemoji.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8af4bf535c5ac410e5ee27be93e9bc80ed58163355774bab8c4ad79e3365ed5

Request headers

:path: /wp-includes/js/twemoji.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13447
cf-polished: origSize=28010
cf-bgj: minify
last-modified: Sun, 01 Nov 2020 22:00:36 GMT
server: cloudflare
etag: W/"5f9f3004-6d6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FNVfAe72L8W8TqPJ9PYJFS6AWqUDIgCc%2BoJvxLCmcsktUIOLoRXQp5yVu8lWxoZWLt8%2BWAJm0AYZoDUZ7YHEyEmnSfEH9J%2BsCnBxtiYYcZ%2F0q6wzNcBBlxd%2BtmhKj9lUuo8kujS9xh%2FQyM349BqnICp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 673588470ed31f51-FRA
expires: Fri, 23 Jul 2021 19:20:19 GMT

GET
H2 200 wp-emoji.js Show response
www.dailyfaceoff.com/wp-includes/js/ 4 KB
2 KB 101ms
13ms Script
application/javascript 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-includes/js/wp-emoji.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d15af9bd67fe77ac0050ac96a9cc9e173c23fbe76a8a144e29566e57fdbb41

Request headers

:path: /wp-includes/js/wp-emoji.js?ver=5.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60248
cf-polished: origSize=8989
cf-bgj: minify
last-modified: Sun, 01 Nov 2020 22:00:36 GMT
server: cloudflare
etag: W/"5f9f3004-231d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl4AUVtgv7kzB807QnvbdJeAx%2B2mHP1rqv08UgNdgqGZ%2BCcVnR8igP%2BIZS%2BjhoeVpFaf%2F23rIZxlrdf6Oj7vReSAo%2FcsMxMGTRSpB0jtRoSoTme5FN3Qw4R%2FISH2bLtgw94A3zeGGvpPxIpVQvjfuSBM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 673588479f931f51-FRA
expires: Thu, 22 Jul 2021 22:04:19 GMT

GET
H3-29 403 jquery.waypoints.min.js
static.thenationnetwork.com/js/ 0
0 29ms
16ms Script
text/html 2606:4700:3036::ac43:8e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thenationnetwork.com/js/jquery.waypoints.min.js?ver=5.5.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8e96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 loader.js Show response
www.gstatic.com/charts/51/ 48 KB
16 KB 76ms
5ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/loader.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi?key=ABQIAAAAwiMIIqyxlauCZEq6HtcucRTTYR0KKJf1MG_bG2L87OL-9TJ3qxSMR4NxjcYPpxiRKPcv3o2vl4ibMg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:04:22 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:15:49 GMT

GET
H2

200

2625857 Show response
html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/ Frame C7EE
Redirect Chain

https://html5-player.libsyn.com/embed/destination/id/2625857/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/
https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

28 KB
8 KB

197ms
195ms

Document
text/html

204.16.246.215
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL

https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.16.246.215 Pittsburgh, United States, ASN20326 (TERASWITCH, US),

Reverse DNS

Software

Apache /

Resource Hash

ebb8dcbcd215c20a31a36d69f9a99816b06ba079bb0f3ed6b12e578b760466d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: html5-player.libsyn.com
:scheme: https
:path: /embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyfaceoff.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailyfaceoff.com/

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
server: Apache
cache-control: max-age=3600
expires: Fri, 23 Jul 2021 15:17:27 GMT
vary: Accept-Encoding
content-encoding: gzip
x-libsyn-host: web-player2.libsyn.com
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-length: 7991
content-type: text/html; charset=UTF-8

Redirect headers

date: Fri, 23 Jul 2021 14:17:27 GMT
server: Apache
location: /embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
cache-control: max-age=3600
expires: Fri, 23 Jul 2021 15:17:27 GMT
vary: Accept-Encoding
content-encoding: gzip
x-libsyn-host: web-player2.libsyn.com
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-length: 20
content-type: text/html; charset=UTF-8

GET
H2 200 SLXLc1nY6Hkvalqaa46L59Y.woff2
fonts.gstatic.com/s/cairo/v10/ 20 KB
20 KB 17ms
0ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXLc1nY6Hkvalqaa46L59Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e248efd3e174f94f68af6f92ef1f044ff94469ef3589ec80875b8f30706b9738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:47:40 GMT
x-content-type-options: nosniff
age: 314986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20584
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:47:40 GMT

GET
H2 200 fontawesome-webfont.woff2
www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/fonts/ 70 KB
71 KB 50ms
17ms Font
application/octet-stream 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/css/app.css?ver=4.3.15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path: /wp-content/themes/freshnews/nationnetwork/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma: no-cache
origin: https://www.dailyfaceoff.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/css/app.css?ver=4.3.15
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.dailyfaceoff.com
Referer: https://www.dailyfaceoff.com/wp-content/themes/freshnews/nationnetwork/assets/css/app.css?ver=4.3.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
last-modified: Mon, 09 Jul 2018 21:19:34 GMT
server: cloudflare
age: 282312
etag: "118d8-5709791ed3f6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5wpAB%2BhZVGDzIaoIHByWyjUj6K0uFv49TIe%2F4xhUIeVWwaQ17JflaigsJLT8J4Tux%2F3UDp95Ucc96aM76%2BoBFCt8JwrfRqG5fil08XUse8UWvYnlFf%2Br0bk0%2BlYS6%2B3ti5NOEJzDRNdOmfEBchomtPB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=864000
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 673588453c441f51-FRA
content-length: 71896
expires: Thu, 22 Jul 2021 16:31:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 35ms
3ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 330662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:24 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v10/ 20 KB
20 KB 35ms
3ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:08:22 GMT
x-content-type-options: nosniff
age: 328144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20672
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 19:08:22 GMT

GET
H2 200 SLXLc1nY6Hkvalr-ao6L59Y.woff2
fonts.gstatic.com/s/cairo/v10/ 21 KB
21 KB 38ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXLc1nY6Hkvalr-ao6L59Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48249fc213d30c080d8dd9b444ee8c77a955003d4accac38d7a1042214dc7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 309645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:46:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 00:16:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 34ms
2ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 267445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:00:01 GMT

GET
H2 200 afa63c5e-9471-4d10-8fd7-aed2e6096e01_1140x641-35x35.jpeg
www.dailyfaceoff.com/wp-content/uploads/2021/07/ 608 B
1 KB 43ms
16ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/uploads/2021/07/afa63c5e-9471-4d10-8fd7-aed2e6096e01_1140x641-35x35.jpeg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372053da5f05a5a53a7b9ed295e97b1b6306f0963c21cf168fe30ffef77090d0

Request headers

:path: /wp-content/uploads/2021/07/afa63c5e-9471-4d10-8fd7-aed2e6096e01_1140x641-35x35.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32970
cf-polished: qual=85, origFmt=jpeg, origSize=873
content-disposition: inline; filename="afa63c5e-9471-4d10-8fd7-aed2e6096e01_1140x641-35x35.webp"
content-length: 608
last-modified: Mon, 19 Jul 2021 14:00:40 GMT
server: cloudflare
etag: "60f58588-369"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tYL28pGpvcMQjm2OJVzrPpvX2NEZJx99VHUg1%2Blb0HNkykzRmxvrdEO9I8r6sliCjGxg3mlBM6tMD%2Bk5r28wUNWw3%2BvfXAW0ZWKbNFgVlTb2xfPypJvS%2FSRJMPohzwSjPUA7M91p765lcRwjiLrn6kX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Jul 2021 23:08:20 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 673588466ded1f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 USATSI_16086864-1-35x35.jpg
www.dailyfaceoff.com/wp-content/uploads/2021/07/ 988 B
1 KB 43ms
17ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16086864-1-35x35.jpg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c405255cb9c214bf87a7c2eb70ad1b7d403c310172ab189a1bfdf01d65e06de

Request headers

:path: /wp-content/uploads/2021/07/USATSI_16086864-1-35x35.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32970
cf-polished: qual=85, origFmt=jpeg, origSize=3161
content-disposition: inline; filename="USATSI_16086864-1-35x35.webp"
content-length: 988
last-modified: Wed, 21 Jul 2021 18:49:02 GMT
server: cloudflare
etag: "60f86c1e-c59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc%2Fq2qlifCioBieKgFAnXcMi8XtQrD2aB4Kd6ulDHZctmcmvGIV1mS5Sl0YKlxD19kNLV7MXLRvTx%2FoI3hgCGAaaul7m1DDfFbVeFuv%2BtsV1zWKOw4cLajWwl4Eep2ChKpibK3P%2B7mhFKyhjMDTMbiV1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Jul 2021 20:10:49 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 673588466dee1f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 USATSI_16051693-2-35x35.jpg
www.dailyfaceoff.com/wp-content/uploads/2021/07/ 880 B
1 KB 42ms
17ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16051693-2-35x35.jpg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2e54fd445fa1a47662134cbf7d6c8129c86b7f9f005e877aa02e31d124cc5a

Request headers

:path: /wp-content/uploads/2021/07/USATSI_16051693-2-35x35.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 67457
cf-polished: qual=85, origFmt=jpeg, origSize=3320
content-disposition: inline; filename="USATSI_16051693-2-35x35.webp"
content-length: 880
last-modified: Wed, 21 Jul 2021 18:45:31 GMT
server: cloudflare
etag: "60f86b4b-cf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiFFWhvzaLBpaI7sOyKMCZJHg02C%2BNNtpuUmRTeVJCxITwXjzWLALRPiAq1kO837agYUoNqkrCTBSgVLueVYAA3svet5Et7iDsI1lbKHrAP52w2GjZT7pcVQXcG8ZBbL0ICVNmJLoRzRFO8%2BqMbSLYfn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Jul 2021 18:29:58 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 673588466df01f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 USATSI_16299174-2-35x35.jpg
www.dailyfaceoff.com/wp-content/uploads/2021/07/ 904 B
1 KB 41ms
16ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16299174-2-35x35.jpg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a294b3f944461544bdbaaaaeddc645139a2d50c3a8c935adc816fb4c87f31df

Request headers

:path: /wp-content/uploads/2021/07/USATSI_16299174-2-35x35.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 73211
cf-polished: qual=85, origFmt=jpeg, origSize=3350
content-disposition: inline; filename="USATSI_16299174-2-35x35.webp"
content-length: 904
last-modified: Wed, 21 Jul 2021 18:15:34 GMT
server: cloudflare
etag: "60f86446-d16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GtDecIBjUsyLZ%2BDcMm3I%2F2cUpR0Peyqk5ydOkVCjab2dMn1e1Q4h0XV7Ads3v%2FDalBK9eDTH4Kl8u6HabJ1pEzrwtGDw5XHCrTyC6SY8nOrXnLo3DRxoUgbZrKzTdGlQZwY996DuQErIj3iT2ZdG9Gk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Jul 2021 17:38:04 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 673588466df11f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 USATSI_16117612-35x35.jpg
www.dailyfaceoff.com/wp-content/uploads/2021/07/ 842 B
1 KB 54ms
29ms Image
image/webp 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyfaceoff.com/wp-content/uploads/2021/07/USATSI_16117612-35x35.jpg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7aa71deb502b7aeb6f262d8ac966b41d4acd63ba310579c8bde7801a6d85456

Request headers

:path: /wp-content/uploads/2021/07/USATSI_16117612-35x35.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dailyfaceoff.com
referer: https://www.dailyfaceoff.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 73211
cf-polished: qual=85, origFmt=jpeg, origSize=16535
content-disposition: inline; filename="USATSI_16117612-35x35.webp"
content-length: 842
last-modified: Sat, 17 Jul 2021 17:58:49 GMT
server: cloudflare
etag: "60f31a59-4097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xAEhH3BXuVAPs1%2F72wATEuXAO%2BR0yuJTU1HcOLi5NTSr2Tks8HbjqAa4WW%2BirzKgin5oaThsrbu1hPQK7o%2B1Sge6C5k672i%2BhgpUORYIlGlerJg69POlonSmUGo0Te7XQt76H4nvsoZPzxNr21tpE%2BU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Jul 2021 17:26:33 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 673588466df61f51-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 / Show response
player.sendtonews.com/version/ 207 B
566 B 159ms
33ms Script
application/javascript 13.226.145.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/version/?jsonp
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=0LyMZWq5&cid=8803&floatwidth=400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-35.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: a85a58d36c44d04f90fc2e7a75a41d8a1a2763a4c4aec1ebe162513dfd636447

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:11:21 GMT
content-encoding: gzip
server: Apache
age: 366
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
content-length: 180
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
x-amz-cf-id: 9S214rTIBIm57ncpIsoeGlfYKarkcFKjYIos_exSc3I8kjKrFjpBkQ==
expires: Fri, 23 Jul 2021 14:21:21 GMT

GET
H2

200

2625857 Show response
html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/ Frame 836F
Redirect Chain

https://html5-player.libsyn.com/embed/destination/id/2625857/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/
https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

28 KB
8 KB

207ms
204ms

Document
text/html

204.16.246.215
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL

https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.16.246.215 Pittsburgh, United States, ASN20326 (TERASWITCH, US),

Reverse DNS

Software

Apache /

Resource Hash

ebb8dcbcd215c20a31a36d69f9a99816b06ba079bb0f3ed6b12e578b760466d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: html5-player.libsyn.com
:scheme: https
:path: /embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyfaceoff.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailyfaceoff.com/

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
server: Apache
cache-control: max-age=3600
expires: Fri, 23 Jul 2021 15:17:27 GMT
vary: Accept-Encoding
content-encoding: gzip
x-libsyn-host: web-player3.libsyn.com
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-length: 7991
content-type: text/html; charset=UTF-8

Redirect headers

date: Fri, 23 Jul 2021 14:17:27 GMT
server: Apache
location: /embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
cache-control: max-age=3600
expires: Fri, 23 Jul 2021 15:17:27 GMT
vary: Accept-Encoding
content-encoding: gzip
x-libsyn-host: web-player3.libsyn.com
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-length: 20
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
www.dailyfaceoff.com/wp-json/wp/v2/ 91 KB
6 KB 239ms
229ms XHR
text/html 2606:4700:20::ac43:4488
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyfaceoff.com/wp-json/wp/v2/
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066173c71016f334be27e3ba7d388de7f464b7631edce28c2f9901d781e815f3

Request headers

:path: /wp-json/wp/v2/
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.dailyfaceoff.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.dailyfaceoff.com/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dailyfaceoff.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Jul 2021 14:14:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67w1qasU0SD0JYghn16FUKEp0xk1MFuPHbwu7BLum7NtILKnolep%2BsCFMi5FTAB6Sj6CrdPN5ex9oZFuuW6m4%2BHuFfUaErNYpk1TMr2FcejC%2F62qgR0XLRA8ZFqAIhtRAR7ZpyvtAH6lBU8iAbh443R2"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-provider: CLOUDWAYS-CACHE-DE
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67358847cfdb1f51-FRA

GET
H3-29 200 SLXLc1nY6HkvalqKbI6L59Y.woff2
fonts.gstatic.com/s/cairo/v10/ 20 KB
20 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXLc1nY6HkvalqKbI6L59Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo%3A300%2C400%2C600%2C700%7CRoboto%3A300%2C400%2C700&ver=5.5.3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa8a91f02f5e195c95d96b708985462eb5f30a4d07deedcd17ccf133219f847d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:23:52 GMT
x-content-type-options: nosniff
age: 266015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20632
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:23:52 GMT

GET
H2 200 platform.js Show response
cdn.vuukle.com/ 130 KB
35 KB 63ms
30ms Script
application/javascript 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/platform.js
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc40c0af1480a8f91604eb592ad0d8867f98cb59312b23d079df56eb384a4341

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 163223
cf-polished: origSize=132890
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 16:55:45 GMT
server: cloudflare
etag: W/"60f85191-2071a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-ray: 673588487eb74a98-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 hovercard.min.css
secure.gravatar.com/dist/css/ 8 KB
2 KB 11ms
10ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/hovercard.min.css?ver=2021Julaa
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Julaa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
server: nginx
etag: W/"5fac09d6-1e86"
content-type: text/css
cache-control: max-age=604800
expires: Fri, 30 Jul 2021 14:17:27 GMT

GET
H2 200 services.min.css
secure.gravatar.com/dist/css/ 3 KB
587 B 16ms
15ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/services.min.css?ver=2021Julaa
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Julaa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
cache-control: max-age=604800
expires: Fri, 30 Jul 2021 14:17:27 GMT

GET
H2 200 m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response
js.stripe.com/v3/ Frame 0388 215 B
536 B 37ms
27ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyfaceoff.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailyfaceoff.com/

Response headers

x-amz-id-2: xXFIUuMVP3NOx0lXWmFf+CK4BhN9IYFIAgmKuFIs1FNAeOl3kwn+vQTTqLvOPL+DQZ4S/IyZzm4=
x-amz-request-id: XM6FBXY8E0ZDCRHH
last-modified: Tue, 29 Jun 2021 17:25:38 GMT
etag: "5564a2ae650989ada0dc7f7250ae34e9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Fri, 23 Jul 2021 14:17:27 GMT
via: 1.1 varnish
age: 97
x-served-by: cache-fra19127-FRA
x-cache: HIT
x-cache-hits: 131
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

GET
H3-29 200 1721740624799960 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1721740624799960?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21795501aba5faba6ca338419fd7b8f92b9eca70dd799dcb49d5d2e57bef43ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 3sjNdsM///xO4xuMGodzUx0d6wlQkqc3olLChRFR2vwv+WbsbxNePetHyHU45gZprj/yNjosZnbCrBIlLmGbSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Jul 2021 14:17:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.20210722-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 530 KB
118 KB 27ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210722-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thenationnetwork-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f4acfb00a263ea44064f4a07608cea0f0167df64cac3170b2a39e91f957a3691

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uPV.ECYeEd0m9WJH9Q1rdOsV4uFOrLBi
content-encoding: br
etag: "e6c99c94e8a4eabe72df2da687da873f"
age: 20457
x-cache: HIT
content-length: 120411
x-amz-id-2: G3gzqeUNIVn705PmmDkJ6MyoXxyxg/lUKCJr4QaGfEBwYqOuVq9YTplHUNnUeOKHh8NvHLI5Ags=
x-served-by: cache-fra19141-FRA
last-modified: Thu, 22 Jul 2021 08:31:25 GMT
server: AmazonS3-br
x-timer: S1627049848.703275,VS0,VE0
date: Fri, 23 Jul 2021 14:17:27 GMT
vary: Accept-Encoding
x-amz-request-id: 71F7E6C57THR50TA
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 36
x-cache-hits: 67030

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 105ms
35ms Script
application/javascript 13.226.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thenationnetwork-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:53:44 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: gSIRpRaOfrgCDBE_dXjT6eu98VLEQ4yCx81U-YBO1ZCoWrPT1Vv-sg==

GET
H2 200 player.js Show response
player.sendtonews.com/player7/player/65.18.9/ Frame C2C3 229 KB
69 KB 38ms
37ms Script
application/javascript 13.226.145.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player2/embedcode.php?fk=0LyMZWq5&cid=8803&floatwidth=400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-35.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 762f5ea99556197c9c06177486cd5896c5c8c63895443104cc330582e55e1d70

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:08:16 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 21:27:06 GMT
server: Apache
age: 551
etag: "39260-5c73021fade80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: ipGnbrViFtuievpJL-dJvCpHMIjiyntQHfZwZveNTKVq_CsWDhAgwA==
expires: Fri, 23 Jul 2021 15:08:16 GMT

GET
H2 200 getGeo Show response
vuukle.com/ 25 B
374 B 81ms
47ms XHR
application/json 2606:4700:10::6816:3ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vuukle.com/getGeo
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfb242c92df672a6258738bee8f2ebbb225ae63245f2c31b2d10f3abc6afd92

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 86400
cf-ray: 6735884ccb400ebb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25

GET
H3-29 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
24 KB 78ms
37ms Other
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "937 / 643 of 1000 / last-modified: 1627038728"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24851
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:27 GMT

GET
H3-29 200 dailyfaceoff.com.json Show response
cdn.vuukle.com/ads/ 2 KB
1 KB 218ms
185ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/ads/dailyfaceoff.com.json
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e958b53fee79349ceaa960ad44698eefd15533098a4f143fb1350345af1592a6

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Jul 2021 09:55:13 GMT
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag: W/"60fa9201-951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cf-ray: 6735884ccbead6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 rop-widget-styles.css
odds.oddsshark.com/css/ 4 KB
1 KB 122ms
118ms Stylesheet
text/css 107.22.147.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://odds.oddsshark.com/css/rop-widget-styles.css?v=c4a883726167d73904f45470320e088b33e8be57
Requested by: Host: odds.oddsshark.com
URL: https://odds.oddsshark.com/rop-widget/612/NHL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.147.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-147-121.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b7898458696bdb895e0db289f7b7111479b20a7eab179944fcb8d01d84676744

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: gzip
last-modified: Wed, 15 Jan 2020 13:57:23 GMT
server: Apache/2.4.18 (Ubuntu)
etag: "f4b-59c2e167ab729-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1123
expires: Fri, 06 Aug 2021 14:17:27 GMT

GET
H/1.1 200
OK OS-logo-black-red.svg
chalk-images.s3.amazonaws.com/oddsshark/logos/ 4 KB
4 KB 446ms
133ms Image
image/svg+xml 52.217.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chalk-images.s3.amazonaws.com/oddsshark/logos/OS-logo-black-red.svg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8b54033e8f4ed71efa790157be2f4cf86e0821be274a806ba37df0534c2c9be

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:29 GMT
Last-Modified: Thu, 05 Dec 2019 20:10:39 GMT
Server: AmazonS3
x-amz-request-id: 63PZF3X0CN5ZTN0M
ETag: "e99e51dade68079aa8a4c13253649ba1"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 3869
x-amz-id-2: Edv3kDADHh0N3N8CNH/gBLL1ILCVOkAZ/Agw/oxbMFVQ4+7vRwhdCabl0onbCu53fMHpwFMHhhE=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TB47RXZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 90
date: Fri, 23 Jul 2021 14:15:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 23 Jul 2021 16:15:57 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=11441895&ns__t=1627049847830&ns_c=UTF-8&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww.d...
https://sb.scorecardresearch.com/b2?c1=2&c2=11441895&ns__t=1627049847830&ns_c=UTF-8&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww....

64 B
330 B

74ms
48ms

Image
image/gif

13.226.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=11441895&ns__t=1627049847830&ns_c=UTF-8&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c9=
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-29.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 6ixWlT9NDs4KpWOi7L72zhiF-jkYyUmFHBw7y8Qb9YGer6RicOyZsA==

Redirect headers

date: Fri, 23 Jul 2021 14:17:27 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=11441895&ns__t=1627049847830&ns_c=UTF-8&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c9=
content-length: 242
x-amz-cf-id: 9DJgt3S2AI2imwpvoq1baAXWKpYQCGz3H30LCqOWagY315jOmcTPZg==

GET
H3-29 200 tooltip.css
www.gstatic.com/charts/51/css/core/ 1 KB
2 KB 10ms
8ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/core/tooltip.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:46:30 GMT
x-content-type-options: nosniff
age: 1857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1524
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:46:30 GMT

GET
H3-29 200 util.css
www.gstatic.com/charts/51/css/util/ 12 KB
12 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/util/util.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:08:33 GMT
x-content-type-options: nosniff
age: 534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12720
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:08:33 GMT

GET
H3-29 200 controls.css
www.gstatic.com/charts/51/css/controls/ 9 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/controls/controls.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be877def15f67044c8e58d5803e8086338417b76de467759875744ed36801516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1825
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:25:55 GMT

GET
H3-29 200 table.css
www.gstatic.com/charts/51/css/table/ 10 KB
10 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/table/table.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfd284557089f415bc6780fd59f6f957746ebd2f3de6b7aa668c401eb5a3063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:16:14 GMT
x-content-type-options: nosniff
age: 73
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10441
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:16:14 GMT

GET
H3-29 200 format.css
www.gstatic.com/charts/51/css/util/ 1 KB
340 B 13ms
12ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/util/format.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96f82f5743dccc9d190dfbaa742d67fedf079e975bd31f7908394674abac742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:15:41 GMT

GET
H3-29 200 annotationchart.css
www.gstatic.com/charts/51/css/annotationchart/ 6 KB
1 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/annotationchart/annotationchart.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

471c94cf4ddb265419b1500fdfc5a7d89d5bf24142506cb73595d1a4baf3e09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1404
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:51:31 GMT

GET
H3-29 200 jsapi_compiled_default_module.js Show response
www.gstatic.com/charts/51/js/ 263 KB
83 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_default_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7e72eecf6a4fb2981627eb8d15b947d394398db4e67c7ca7705749cdb2f832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84496
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:37:49 GMT

GET
H3-29 200 jsapi_compiled_graphics_module.js Show response
www.gstatic.com/charts/51/js/ 24 KB
8 KB 22ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_graphics_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad0d8bf9e4659eb773ec937a69b25c1e8869b17c43acd258f01e268f0194088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7953
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:18:12 GMT

GET
H3-29 200 jsapi_compiled_ui_module.js Show response
www.gstatic.com/charts/51/js/ 507 KB
167 KB 41ms
33ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_ui_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0867ee1df230c80dc1601a8c56c499fabe444ab3ec173ce8b901444560c8816d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171024
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:26:30 GMT

GET
H3-29 200 jsapi_compiled_corechart_module.js Show response
www.gstatic.com/charts/51/js/ 8 KB
8 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_corechart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c48eef4e305a1f7e77d50dcac4b5f7baf250b0d55dfbab468db645bfb13c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:09:45 GMT
x-content-type-options: nosniff
age: 462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8077
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:09:45 GMT

GET
H3-29 200 jsapi_compiled_controls_module.js Show response
www.gstatic.com/charts/51/js/ 82 KB
24 KB 44ms
36ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_controls_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d8341b0fbea8e228ac2aedab6bf7d280291915f96dfb053d4b7b2de9fb99543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25039
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:03:05 GMT

GET
H3-29 200 jsapi_compiled_table_module.js Show response
www.gstatic.com/charts/51/js/ 3 KB
3 KB 40ms
32ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_table_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95e88aa3ddbfb9eafedac06f01025f12d4751a63841e18a5a1bbacae651f899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:13:53 GMT
x-content-type-options: nosniff
age: 214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2851
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:13:53 GMT

GET
H3-29 200 jsapi_compiled_annotationchart_module.js Show response
www.gstatic.com/charts/51/js/ 19 KB
7 KB 40ms
33ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_annotationchart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c7dfcbd96933a59579d95c5499b8cbbd6d6150355e8eb2b3bec9405e5db0670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7124
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:48:29 GMT

GET
H3-29 200 jsapi_compiled_annotatedtimeline_module.js Show response
www.gstatic.com/charts/51/js/ 390 B
181 B 17ms
10ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_annotatedtimeline_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e095ddca4f6772748a538a12c0a04d6d9740e8fdbc33210369a98571e545a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:02:14 GMT

GET
H3-29 200 jsapi_compiled_gauge_module.js Show response
www.gstatic.com/charts/51/js/ 8 KB
3 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_gauge_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6f47ed8780b687c5a130fb2a771626719f31ddf91027f4f713a335c7c3205f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3285
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:40:04 GMT

GET
H3-29 200 jsapi_compiled_geo_module.js Show response
www.gstatic.com/charts/51/js/ 6 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_geo_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

942d2f1d42ecb80ad20154c4c880839281b4e1f621854a3db03ea6ac304285a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:20:02 GMT
x-content-type-options: nosniff
age: 3445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5989
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:20:02 GMT

GET
H3-29 200 jsapi_compiled_geochart_module.js Show response
www.gstatic.com/charts/51/js/ 40 KB
40 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_geochart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d1bc719dfc930bdeab5a66c70087bf041d6e656fd662de9118b842d9e6524a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:49:50 GMT
x-content-type-options: nosniff
age: 1657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40706
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:49:50 GMT

GET
H3-29 200 jsapi_compiled_fw_module.js Show response
www.gstatic.com/charts/51/js/ 83 KB
25 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_fw_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23dda07bcc257665b937985a24a105e5e759cda1bd2e277a0cb43acbf6f92f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25803
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:32:40 GMT

GET
H3-29 200 dygraph-tickers-combined.js Show response
www.gstatic.com/charts/51/third_party/dygraphs/ 18 KB
6 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/third_party/dygraphs/dygraph-tickers-combined.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d9e48b0d5a604dbce0921ef4c0a8f8e44e265ef52faad0031cca0449d066c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6003
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:34:53 GMT

GET
H3-29 200 jsapi_compiled_timeline_module.js Show response
www.gstatic.com/charts/51/js/ 20 KB
8 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_timeline_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88804a94352c48bb0089cd83df3dbe05927a9035b9b52f82c02b589bff28d6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7668
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 23 Jul 2021 15:02:18 GMT

GET
H2 200 m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0388 1 KB
819 B 47ms
22ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
vary: Accept-Encoding
age: 216
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: icnIH9FfdDmPDI98gl8vnl5OehKLt4QyU6qASsTAuXy/nPTUKMLHDtdDWQsxkMqabcjAVCC55WU=
x-served-by: cache-fra19127-FRA
timing-allow-origin: *
last-modified: Tue, 29 Jun 2021 17:25:39 GMT
server: AmazonS3
etag: "78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: YTEE0YAJX96TRT57
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 255

GET
H3-29 200 cnsnt.platform.js Show response
cdn.vuukle.com/ 3 KB
2 KB 79ms
36ms Script
application/javascript 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/cnsnt.platform.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35ad2369ec72753b3662f0aa719dd9173be3a636d617a6584c11b5d224af2aff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 5154
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 16:56:33 GMT
server: cloudflare
etag: W/"60f851c1-ac3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=3600
cf-ray: 6735884dddd605d0-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 libsyn-fonts.css
static.libsyn.com/p/assets/platform/fonts/ Frame C7EE 5 KB
694 B 115ms
30ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cee9374fc13a18761fed55a496af0a43f214255c97bb43af3b06f5b44589d03c

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:43 GMT
etag: "1593383203"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds285.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 509

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame C7EE 118 KB
20 KB 35ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 10602818
cdn-cachedat: 2021-03-11 11:57:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a31dd7f18bc0fe8277e68a4489d4861a
cf-ray: 6735884dbd9005d0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 custom-player-bootstrap.min.css
static.libsyn.com/p/assets/platform/customplayer/ Frame C7EE 10 KB
3 KB 106ms
31ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/custom-player-bootstrap.min.css?u=2018-07-09
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 654b91c942f577f5bf6247cd8205f1052bfa3cb5cbcdd1aad2731797f776f0ec

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:36 GMT
etag: "1593383196"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds109.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 2542

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C7EE 30 KB
7 KB 36ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 10603203
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50f270cef956c80b14f61fa9ad96c573
cf-ray: 6735884dbd9205d0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 css
fonts.googleapis.com/ Frame C7EE 2 KB
478 B 38ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:59:59 GMT
server: ESF
date: Fri, 23 Jul 2021 14:17:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Jul 2021 14:17:27 GMT

GET
H2 200 jcarousel.responsive.css
static.libsyn.com/p/assets/platform/customplayer/ Frame C7EE 2 KB
826 B 106ms
32ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/jcarousel.responsive.css
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 78512513fc22684ffb14efa1d150dad7416207241c73fb7c087a01bc7b883dcc

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:37 GMT
etag: "1593383197"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds261.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 703

GET
H2 200 lock-black.svg
static.libsyn.com/p/assets/platform/customplayer/images/ Frame C7EE 1 KB
1 KB 113ms
39ms Image
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/images/lock-black.svg
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 042f1cef0d455760639cfd578141c2179ac3c0a147c4fed12863b00d216a882e

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Sun, 28 Jun 2020 22:26:38 GMT
etag: "1593383198"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds278.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 1144

GET
H2

200

height_100_width_100_overlay_Untitled_design_1.png
ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/ Frame C7EE
Redirect Chain

https://assets.libsyn.com/secure/content/107866706?height=100&width=100&overlay=true
https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png

13 KB
13 KB

43ms
41ms

Image
image/png

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 60e6785cf2f4577726ee450e679e7788a70431d07cd33771d749a0fa784cbad8

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Fri, 23 Jul 2021 11:05:10 GMT
etag: "1627038310"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds202.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31524396
accept-ranges: bytes
content-length: 13462

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png
date: Fri, 23 Jul 2021 14:17:28 GMT
x-libsyn-host: t2
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@2.1.3/dist/ Frame C7EE 82 KB
29 KB 63ms
24ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@2.1.3/dist/jquery.min.js

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2412805
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29587
etag: W/"14983-YsQELp68aRpTctZTtCRRKlYdFnA"
x-served-by: cache-fra19151-FRA
date: Fri, 23 Jul 2021 14:17:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame C7EE 36 KB
10 KB 31ms
15ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://html5-player.libsyn.com
Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 9073254
cdn-cachedat: 2021-04-07 13:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ebb19ea8c31b851b513d51823b7584fd
cf-ray: 6735884dceba43b8-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.jcarousel.min.js Show response
static.libsyn.com/p/assets/platform/customplayer/ Frame C7EE 18 KB
5 KB 110ms
36ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/jquery.jcarousel.min.js
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4c934534eb9fefa3ae15481defd2ac395d108538ac932da8299c02d0bd3faca0

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:37 GMT
etag: "1593383197"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds098.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 5295

GET
H2 200 libsyn-fonts.css
static.libsyn.com/p/assets/platform/fonts/ Frame 836F 5 KB
567 B 103ms
30ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cee9374fc13a18761fed55a496af0a43f214255c97bb43af3b06f5b44589d03c

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:43 GMT
etag: "1593383203"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds285.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 509

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 836F 118 KB
20 KB 27ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 10602818
cdn-cachedat: 2021-03-11 11:57:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a31dd7f18bc0fe8277e68a4489d4861a
cf-ray: 6735884dbd9405d0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 custom-player-bootstrap.min.css
static.libsyn.com/p/assets/platform/customplayer/ Frame 836F 10 KB
3 KB 102ms
31ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/custom-player-bootstrap.min.css?u=2018-07-09
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 654b91c942f577f5bf6247cd8205f1052bfa3cb5cbcdd1aad2731797f776f0ec

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:36 GMT
etag: "1593383196"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds109.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 2542

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 836F 30 KB
7 KB 24ms
13ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 10603203
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50f270cef956c80b14f61fa9ad96c573
cf-ray: 6735884dbd9605d0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 css
fonts.googleapis.com/ Frame 836F 2 KB
478 B 33ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:58:03 GMT
server: ESF
date: Fri, 23 Jul 2021 14:17:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Jul 2021 14:17:27 GMT

GET
H2 200 jcarousel.responsive.css
static.libsyn.com/p/assets/platform/customplayer/ Frame 836F 2 KB
761 B 106ms
35ms Stylesheet
text/css 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/jcarousel.responsive.css
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 78512513fc22684ffb14efa1d150dad7416207241c73fb7c087a01bc7b883dcc

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:37 GMT
etag: "1593383197"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds261.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 703

GET
H2 200 lock-black.svg
static.libsyn.com/p/assets/platform/customplayer/images/ Frame 836F 1 KB
1 KB 109ms
38ms Image
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/images/lock-black.svg
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 042f1cef0d455760639cfd578141c2179ac3c0a147c4fed12863b00d216a882e

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Sun, 28 Jun 2020 22:26:38 GMT
etag: "1593383198"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds278.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 1144

GET
H2

200

height_100_width_100_overlay_Untitled_design_1.png
ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/ Frame 836F
Redirect Chain

https://assets.libsyn.com/secure/content/107866706?height=100&width=100&overlay=true
https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png

13 KB
13 KB

38ms
36ms

Image
image/png

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 60e6785cf2f4577726ee450e679e7788a70431d07cd33771d749a0fa784cbad8

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Fri, 23 Jul 2021 11:05:10 GMT
etag: "1627038310"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds202.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31524396
accept-ranges: bytes
content-length: 13462

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/8/f/5/c/8f5ca35e14294b5988c4a68c3ddbc4f2/height_100_width_100_overlay_Untitled_design_1.png
date: Fri, 23 Jul 2021 14:17:28 GMT
x-libsyn-host: t4
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@2.1.3/dist/ Frame 836F 82 KB
29 KB 60ms
25ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@2.1.3/dist/jquery.min.js

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2412805
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29587
etag: W/"14983-YsQELp68aRpTctZTtCRRKlYdFnA"
x-served-by: cache-fra19151-FRA
date: Fri, 23 Jul 2021 14:17:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 836F 36 KB
10 KB 28ms
16ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://html5-player.libsyn.com
Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 9073254
cdn-cachedat: 2021-04-07 13:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ebb19ea8c31b851b513d51823b7584fd
cf-ray: 6735884dceb943b8-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.jcarousel.min.js Show response
static.libsyn.com/p/assets/platform/customplayer/ Frame 836F 18 KB
5 KB 106ms
36ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/customplayer/jquery.jcarousel.min.js
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4c934534eb9fefa3ae15481defd2ac395d108538ac932da8299c02d0bd3faca0

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 22:26:37 GMT
etag: "1593383197"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds098.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 5295

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
14ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1721740624799960&ev=PageView&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&rl=&if=false&ts=1627049847967&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627049847966.445544245&it=1627049847450&coo=false&rqm=GET

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 23 Jul 2021 14:17:27 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 39ms
36ms Image
text/plain 13.226.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1627049847983&ns_c=UTF-8&cv=3.5&c8=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c9=
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-29.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 19fbDCuzkqTHq_dHawD9DpL8fEZ9pQbSc9fHsGnSK0-g0sy9PlmHMA==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK arrow.png
chalk-images.s3.amazonaws.com/oddsshark/ 1 KB
2 KB 368ms
117ms Image
image/png 52.217.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chalk-images.s3.amazonaws.com/oddsshark/arrow.png
Requested by: Host: odds.oddsshark.com
URL: https://odds.oddsshark.com/css/rop-widget-styles.css?v=c4a883726167d73904f45470320e088b33e8be57
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c10b60fcdd0cf01e0c3b31b106279fb623381d7c9323df04492cae90a2daf358

Request headers

Referer: https://odds.oddsshark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:29 GMT
Last-Modified: Fri, 04 Jul 2014 13:53:55 GMT
Server: AmazonS3
x-amz-request-id: 63PM97370EDZQK6V
ETag: "b513b11d08deceba16a689f97d0f05d7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1273
x-amz-id-2: LLKYy7WkzkpsZqAaZpjavJUzEDFxpzwE67Atqa5WMFfVtuKiUbAsR4GofwFWqTxK7wR/EYLaa/I=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-2397777-11&cid=1671071275.1627049848&jid=1249333928&gjid=1482946242&_gid=1629008071.1627049848&_u=YGBAgAABAAAAAE~&z=1531488658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Jul 2021 14:17:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailyfaceoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1937329635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&ul=en-us&de=UTF-8&dt=NHL%20Starting%20Goalies%2C%20Lines%2C%20News%2C%20Fantasy%20Tools%20-%20Daily%20Faceoff&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1249333928&gjid=1482946242&cid=1671071275.1627049848&tid=UA-2397777-11&_gid=1629008071.1627049848&gtm=2wg7l1TB47RXZ&z=698329358

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 06:35:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27716
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ Frame C2C3 39 KB
13 KB 491ms
420ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jul 2021 14:16:53 GMT
Server: Apache
ETag: "da4d1f-9a4f-5c7cb0e272517"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13270
Expires: Fri, 23 Jul 2021 15:17:28 GMT

GET
H/1.1 200
OK data_read.php Show response
embed.sendtonews.com/player4/ Frame C2C3 31 KB
6 KB 469ms
144ms XHR
text/html 54.243.196.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=wNjlkysrEgypwVDw&instance=015653&version=65.18.9&age=210723&ESG_key=0LyMZWq5&type=barker&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&ogSet=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.196.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-196-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ef3e453b2851863814ac2bec9b17ff5b90ce01a69209f54ee0f6a1ea2104342b

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 4943
Expires: Fri, 23 Jul 2021 14:17:29 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C2C3 340 KB
117 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:28 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame C2C3 524 KB
122 KB 18ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8491009
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 123688
cf-request-id: 097b39039e0000074650871000000001
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-8304e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5ClGG%2F2CLZCBPFjJVlXPjLnwzo9uct7LfNFBUC8cfCLYQtX1u6Gb35Iw3OGtWmmsJ%2FDKennrZnSQrgDOcJ3f7mdm6fUuGhN69PyHJh%2FmitRjBXDWaNeMTIwOMRc1HpyN%2BbjWDBv%2FGVmgB917FZJ767V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6735884eda432b65-FRA
expires: Wed, 13 Jul 2022 14:17:28 GMT

GET
H2 200 iscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ Frame C2C3 32 KB
8 KB 16ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1808457
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7559
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-80dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fASle0f20QI0D5KICYtUYhANDKWlUtJmYDExs%2FnmSCqOZq8ICTi%2F5uq%2Fjcpew7lp4pNrd4r6u301%2Balegq3ePNrZVfSyZSX%2BKp5ekBruruBs%2B3FwB075n6RFEl6zNlfDPeQyl%2BdEbbMHiQ%2BV3GI263D9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6735884eda442b65-FRA
expires: Wed, 13 Jul 2022 14:17:28 GMT

GET
H2 200 comScore.gt.min.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame C2C3 335 KB
59 KB 102ms
29ms Script
application/javascript 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 10:52:54 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 23:25:25 GMT
server: AmazonS3
age: 12278
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: SQFKDpK0ipub9TA722_yGCDl36f4mF4WampQvhXUz9dbiX3Fc2ki3g==

GET
H2 200 prebid.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/ Frame C2C3 230 KB
73 KB 103ms
31ms Script
application/javascript 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 08:08:20 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 16:52:33 GMT
server: AmazonS3
age: 22162
etag: W/"0d9ef44ff3701f373f18205e7e1bc16a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: LcdJuVeo9aigeZmCe2lroB7z-NeLF1yWt-lBKcHkic0P8gtUhoAKIQ==

GET
H3-29 200 css
fonts.googleapis.com/ Frame C2C3 4 KB
632 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58071d60d23e669438756d9c508bf141d8df6a1343734a4daa9c6f060720e811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:50:36 GMT
server: ESF
date: Fri, 23 Jul 2021 14:17:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Jul 2021 14:17:28 GMT

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame C2C3 39 KB
9 KB 18ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 682850
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9062
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-9c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs2X0zUtjt4sDYsyHUVXbvbMI1W6YaFm5DK0B%2BFnU%2B0h2GrRO%2FJcgq%2Bq0B%2BpCWSmBN3osOGSt64%2FF49WeUy1Lobyr8ZBZ9eI1V7ZUr4wTacP3g9mSafB%2F0SG5xaz1cBW9m4D%2FSe%2FhD0oA0E98z4zJbk7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6735884eda462b65-FRA
expires: Wed, 13 Jul 2022 14:17:28 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame C2C3 26 B
187 B 349ms
112ms Image
image/gif 34.224.251.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=wNjlkysrEgypwVDw&instance=015653&version=65.18.9&age=210723&cmd=PRE_INIT&key=0LyMZWq5&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&canonical=https://www.dailyfaceoff.com/
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.251.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-251-126.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3F86 932 B
1010 B 42ms
39ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 18 Jun 2021 21:35:08 GMT
etag: W/"60cd118c-3a4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Jul 2021 14:17:28 GMT
age: 228
x-served-by: cache-sea4460-SEA, cache-fra19127-FRA
x-cache: HIT, HIT
x-cache-hits: 2, 292
x-timer: S1627049848.236535,VS0,VE0
vary: Accept-Encoding
content-length: 537

GET
H2

200

Untitled_design_1.png
ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/ Frame C7EE
Redirect Chain

https://assets.libsyn.com/secure/content/107866706?width=0&height=0&overlay=true&player_time=1627049848231
https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png

526 KB
526 KB

42ms
41ms

Image
image/png

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c6fbcdf143ad188d3483052081a4a9f824c9ae74b23e378bfa5e72cd2326ffda

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Fri, 23 Jul 2021 04:20:00 GMT
etag: "1627014000"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds101.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31524396
accept-ranges: bytes
content-length: 538681

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png
date: Fri, 23 Jul 2021 14:17:28 GMT
x-libsyn-host: t6
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
H2

200

Untitled_design_1.png
ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/ Frame C7EE
Redirect Chain

https://assets.libsyn.com/secure/content/107866706
https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png

526 KB
526 KB

86ms
85ms

Image
image/png

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c6fbcdf143ad188d3483052081a4a9f824c9ae74b23e378bfa5e72cd2326ffda

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Fri, 23 Jul 2021 04:20:00 GMT
etag: "1627014000"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds101.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31524396
accept-ranges: bytes
content-length: 538681

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png
date: Fri, 23 Jul 2021 14:17:28 GMT
x-libsyn-host: t1
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 836F 75 KB
76 KB 36ms
18ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://html5-player.libsyn.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617
age: 7894593
cdn-cachedat: 2021-04-23 07:11:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fdbcefeb3e73ec519abe423fcd645555
accept-ranges: bytes
cf-ray: 6735884fcea3bf28-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 open-sans-v15-latin-regular.woff2
static.libsyn.com/p/assets/platform/fonts/ Frame 836F 14 KB
14 KB 93ms
26ms Font
application/font-woff2 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.libsyn.com/p/assets/platform/fonts/open-sans-v15-latin-regular.woff2
Requested by: Host: static.libsyn.com
URL: https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

Origin: https://html5-player.libsyn.com
Referer: https://static.libsyn.com/p/assets/platform/fonts/libsyn-fonts.css?family=Open+Sans:300,400,600,700,800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Sun, 28 Jun 2020 22:26:43 GMT
etag: "1593383203"
x-hw: 1627049848.dop051.fr8.t,1627049848.cds248.fr8.hn,1627049848.cds098.fr8.c
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15819697
accept-ranges: bytes
content-length: 14048

GET
H2

200

height_360_width_302_overlay_Untitled_design_1.png
ssl-static.libsyn.com/p/assets/0/0/8/5/0085f3a8766a175227a2322813b393ee/ Frame 836F
Redirect Chain

https://assets.libsyn.com/secure/content/107866706?width=302&height=360&overlay=true&player_time=1627049848261
https://ssl-static.libsyn.com/p/assets/0/0/8/5/0085f3a8766a175227a2322813b393ee/height_360_width_302_overlay_Untitled_design_1.png

76 KB
77 KB

86ms
85ms

Image
image/png

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/0/0/8/5/0085f3a8766a175227a2322813b393ee/height_360_width_302_overlay_Untitled_design_1.png
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c26f65ae8d99105c7d75767a1c921b26f3c44063c8c9b95b38f03905807a3d14

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Fri, 23 Jul 2021 11:05:40 GMT
etag: "1627038340"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds282.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31525021
accept-ranges: bytes
content-length: 78195

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/0/0/8/5/0085f3a8766a175227a2322813b393ee/height_360_width_302_overlay_Untitled_design_1.png
date: Fri, 23 Jul 2021 14:17:28 GMT
x-libsyn-host: t3
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
H2

200

Untitled_design_1.png
ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/ Frame 836F
Redirect Chain

https://assets.libsyn.com/secure/content/107866706
https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png

526 KB
526 KB

79ms
75ms

Image
image/png

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png
Requested by: Host: html5-player.libsyn.com
URL: https://html5-player.libsyn.com/embed/episode/id/19904444/height/360/theme/legacy/thumbnail/yes/direction/backward/no-cache/true/destination_id/2625857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c6fbcdf143ad188d3483052081a4a9f824c9ae74b23e378bfa5e72cd2326ffda

Request headers

Referer: https://html5-player.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Fri, 23 Jul 2021 04:20:00 GMT
etag: "1627014000"
x-hw: 1627049848.dop217.fr8.t,1627049848.cds285.fr8.hn,1627049848.cds101.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31524396
accept-ranges: bytes
content-length: 538681

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/f/7/8/1/f781eb7ca7b372fc40be95ea3302a6a1/Untitled_design_1.png
date: Fri, 23 Jul 2021 14:17:28 GMT
x-libsyn-host: t5
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
BLOB 200
OK fb8a7a0f-5860-43ad-8292-2725cb3db126
https://www.dailyfaceoff.com/ Frame C2C3 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dailyfaceoff.com/fb8a7a0f-5860-43ad-8292-2725cb3db126
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 out-4.5.35.js Show response
m.stripe.network/ Frame 3F86 85 KB
18 KB 27ms
26ms Script
application/x-javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.35.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"60cd118c-153a9"
age: 225
x-cache: HIT, HIT
content-length: 18319
x-served-by: cache-sea4470-SEA, cache-fra19127-FRA
last-modified: Fri, 18 Jun 2021 21:35:08 GMT
server: nginx
x-timer: S1627049848.446585,VS0,VE0
date: Fri, 23 Jul 2021 14:17:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 280

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaLVxwXjx6YaxWe1I

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Jul 2021 14:17:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailyfaceoff.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame C2C3 0
169 B 91ms
31ms Script
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 673588526ef91eb5-AMS
date: Fri, 23 Jul 2021 14:17:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame C2C3 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:08:26 GMT
x-content-type-options: nosniff
age: 317342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:08:26 GMT

GET
DATA 200
OK truncated
/ Frame C2C3 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://www.dailyfaceoff.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame C2C3 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailyfaceoff.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 330678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:10 GMT

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3E2C 578 KB
190 KB 23ms
7ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyfaceoff.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailyfaceoff.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 23 Jul 2021 07:35:00 GMT
expires: Sat, 23 Jul 2022 07:35:00 GMT
last-modified: Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame C2C3 0
253 B 562ms
242ms XHR
text/html 54.225.171.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=0LyMZWq5&ES_key=0LyMZWq5&ES_ID=27500&S_RKEY=0&USR_ID=214015653&ST_usrKey=wNjlkysrEgypwVDw&SM_ID=0&C_ID=8803&C_companyName=TNN%20-%20Daily%20Faceoff&version=650180090&sC_ID=0&AC_ID=2010&TYPE=BARKER&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&PLAYERWIDTH=995&PLAYERCODE=LVFNMN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.171.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-171-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:29 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Fri, 23 Jul 2021 14:17:30 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame C2C3 26 B
186 B 112ms
111ms Image
image/gif 34.224.251.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=wNjlkysrEgypwVDw&instance=214015653&version=65.18.9&age=210723&cmd=GET&key=0LyMZWq5&c_id=8803&seq=0&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&playerCfg=BR&canonical=https://www.dailyfaceoff.com/
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.251.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-251-126.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame C2C3 0
253 B 485ms
150ms XHR
text/html 54.225.171.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=0LyMZWq5&ES_key=0LyMZWq5&ES_ID=27500&S_RKEY=eNJsE7YRpk&USR_ID=214015653&ST_usrKey=wNjlkysrEgypwVDw&SM_ID=1426890&C_ID=8803&C_companyName=TNN%20-%20Daily%20Faceoff&version=650180090&sC_ID=1225&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&PLAYERWIDTH=995&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.171.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-171-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:29 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Fri, 23 Jul 2021 14:17:30 GMT

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C2C3 44 KB
17 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 23 Jul 2021 14:17:28 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame C2C3 26 B
186 B 119ms
118ms Image
image/gif 34.224.251.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=wNjlkysrEgypwVDw&instance=214015653&version=65.18.9&age=210723&cmd=RTP&key=0LyMZWq5&c_id=8803&seq=1&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&playerCfg=BR&sC_ID=1225&sm_id=1426890&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.251.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-251-126.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C2C3 144 B
1 KB 164ms
93ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f380717495ffdb65f018c4ad7f158f5c8305dc64c81d44064ada96dc00fa36d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 14:17:28 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 03974cdc-b398-4038-8a4c-d42eb9defc86
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyfaceoff.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C2C3 0
120 B 127ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dailyfaceoff.com
date: Fri, 23 Jul 2021 14:17:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 tag Show response
pi979-10rsz.ads.tremorhub.com/ad/ Frame C2C3 55 B
422 B 484ms
282ms XHR
application/json 2600:1f18:612b:4232:b83a:59ae:1899:bbf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=995&playerHeight=560&srcPageUrl=https%3A%2F%2Fwww.dailyfaceoff.com%2F&supplyCode=pi979-10rsz&schain=1.0,1!sendtonews.com,36C2bnRbPZ0bYGuOS4rjpg,,,,&transactionId=d70f5ed6-e1bc-4818-a615-5276e2def6ea&referrer=https%3A%2F%2Fwww.dailyfaceoff.com%2F&hb=1&fmt=json
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:b83a:59ae:1899:bbf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 74745fb5aff2295732ca39abff9a5fbbe0d164569cae0ce4bc83a03c81091bb2

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:29 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.dailyfaceoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame C2C3 0
221 B 366ms
233ms XHR
application/json 3.122.214.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SendtonewsDirect
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-52.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dailyfaceoff.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame C2C3 173 B
388 B 93ms
29ms XHR
application/json 18.195.75.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-75-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8665f38aba5434dd4a7ee1e8acac6962d78872b27adcba32b9e8db0cc67a6f56

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.dailyfaceoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame C2C3 25 B
376 B 137ms
75ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&r=%7B%22id%22%3A%22116b0fa784e2249%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221292052ccb25dc4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22sid%22%3A%22995x560%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A995%2C%22h%22%3A560%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%2C%22sizes%22%3A%5B%5B995%2C560%5D%5D%2C%22playerSize%22%3A%5B%5B995%2C560%5D%5D%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyfaceoff.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%2236C2bnRbPZ0bYGuOS4rjpg%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f0b5befd-2e38-4d82-a70a-d32362b2f9af%22%7D%5D%7D%7D%7D%7D&ac=j&sd=1&nf=1
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c7cc2789fe1da3fce515f75fba2d685cf4eb0a139ab14b38472320f3f1683b2d

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:28 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[194.187.251.62], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.dailyfaceoff.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Fri, 23 Jul 2021 14:17:28 GMT

GET
H2 200 avjp Show response
sendtonews-d.openx.net/v/1.0/ Frame C2C3 106 B
481 B 95ms
32ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sendtonews-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailyfaceoff.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d70f5ed6-e1bc-4818-a615-5276e2def6ea&nocache=1627049848852&schain=1.0%2C1!sendtonews.com%2C36C2bnRbPZ0bYGuOS4rjpg%2C1%2Cf0b5befd-2e38-4d82-a70a-d32362b2f9af%2C%2C&auid=540931806&vwd=995&vht=560
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:28 GMT
via: 1.1 google
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.dailyfaceoff.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content 229991 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame C2C3 0
1 KB 175ms
74ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/229991
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Fri, 23 Jul 2021 14:17:29 GMT
X-SpotX-Timing-Transform: 0.000322
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.000877
X-spotx-Exception-0-RESULT: failure
X-SpotX-Timing-Page-Require: 0.000373
X-spotx-Exception-0-ID: MARKET_HALTED
Connection: keep-alive
X-spotx-Exception-0-Message: Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie: 0.000005
X-SpotX-Timing-Page: 0.046917
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000414
X-fe: 092
Last-Modified: Fri, 23 Jul 2021 14:17:29 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.043310
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dailyfaceoff.com
X-SpotX-Timing-Page-Misc: 0.001587
X-SpotX-Timing-Page-Exception: 0.000018
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.043310
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame C2C3 109 B
547 B 126ms
39ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1c4cb9ba25db58c2f41c9d23e2d68bd508eb79b7b1be6d0b92dd2399501bc27e

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dailyfaceoff.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 22 Aug 2021 14:17:28 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame C2C3 0
225 B 104ms
38ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Jul 2021 14:17:28 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dailyfaceoff.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 3F86 156 B
517 B 539ms
170ms XHR
text/plain 44.229.66.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.229.66.179 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-229-66-179.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0930249dab8da3985a65c0874352c70a8b110809823c0bfdc5ad01b02d1e7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Jul 2021 14:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame C2C3 1 KB
1 KB 38ms
28ms Image
image/png 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 10:10:07 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 14867
etag: "cb93bb50e5d021cc38de445a672c18a2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: MyWsFo2JDK1UTFelNYh1iXACcFdop-JGHeZHCubZtniO6V4kyzjH2w==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame C2C3 322 B
638 B 30ms
29ms Image
image/png 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 10:31:28 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 13570
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 322
x-amz-cf-id: htsvAPyOWSWFusJ93FqafDFajP3sTgZQNgjGBBpfsZiACsPqLPt5pA==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame C2C3 832 B
1 KB 30ms
29ms Image
image/png 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 17:25:41 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 75109
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: cn_o1HDtT8RKIiVYDMd-KnCIZiuMk7GNel3V-Kbj93PVREsxtuKCIA==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame C2C3 773 B
1 KB 31ms
30ms Image
image/png 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 00:57:39 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 48050
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 773
x-amz-cf-id: EFBjuyjUy2MT2Le1xECVo14lpDr1FPvXX6HgclOBZhrx4S5gRO3o3Q==

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D1AC 36 KB
13 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 23 Jul 2021 14:40:19 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/11441895/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
351 B

27ms
27ms

Script
application/javascript

13.226.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:10:20 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: XJPAzeU_dm4Llt2UY7ckkYPLPn2tBOvUvBDI5-PuVh9SRpjGkGBoNg==

Redirect headers

date: Fri, 23 Jul 2021 14:17:29 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: Hq0MnsoEUTmAcGMvajRaaAypyFukSIcnlNII0M4Dyn8xocVhPuxwvQ==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C2C3 1 KB
1 KB 121ms
63ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281/dailyfaceoff-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://www.dailyfaceoff.com/&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=1426890&cust_params=sessionKey=214015653-wNjlkysrEgypwVDw%26schain=sendtonews.com,36C2bnRbPZ0bYGuOS4rjpg%26content=1225%26placementType=Premium%26embed=0LyMZWq5%26domain=dailyfaceoff.com%26player_size=large%26player_width=995%26player_height=560%26player_type=barker%26version=65.18.9%26player_status=LVFNLNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00002%26rand=7%26iris_context=undefined

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2743c669769658c356ba36df42fa15eb4b608e8e2afc6c45291f150b728ca87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 730
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.dailyfaceoff.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C2C3 107 B
317 B 17ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dailyfaceoff.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 14:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 spnn073180o13r20n647886835ps4q52base.en.vtt Show response
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ Frame C2C3 1 KB
2 KB 85ms
29ms XHR
text/vtt 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/spnn073180o13r20n647886835ps4q52base.en.vtt
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34053c8cad9514f5bfb9382535ea2ce394472358484cf1fd74a07e9e77273b46

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:30:53 GMT
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
age: 60397
x-cache: Hit from cloudfront
content-length: 1433
last-modified: Thu, 22 Jul 2021 21:12:53 GMT
server: AmazonS3
etag: "5c74a9e7c5433f88876631e78f5d6bdf"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: UhGmn6W35JLDJZtFEbq-2c9Mghlm7HSi6N8pdel5wI1B1hP37bbreg==

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame C2C3 26 B
186 B 112ms
111ms Image
image/gif 34.224.251.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=wNjlkysrEgypwVDw&instance=214015653&version=65.18.9&age=210723&ldt=IMA&key=0LyMZWq5&seq=1&recoveryMethod=SSAI&imaVersion=3.472.0&blocked=false&recovered=false
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.251.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-251-126.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:29 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 5aby9jhfhph1kncymlpxxr4tljbqt610.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame C2C3 45 KB
46 KB 30ms
30ms Image
image/jpeg 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5aby9jhfhph1kncymlpxxr4tljbqt610.jpg
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eedaf8c52cef3a97a954e7339800d0b094f3973ae951c2394f6161f2da8282fe

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:15:13 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 21:11:03 GMT
server: AmazonS3
age: 61337
etag: "693d0a49df79f61d38b0e03295c85c7b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 46369
x-amz-cf-id: OfL5HAVuGnYhDHpmwPlWs5E-2blKpk0J9b0klnSm9OL9483EJbxrMA==

GET
H2 200 3ss56290rr5246o62os6o0no55o122s4playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ Frame C2C3 291 B
842 B 62ms
29ms XHR
application/x-mpegurl 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/3ss56290rr5246o62os6o0no55o122s4playlist.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90d491d92c4a9033fc8ceefdae8fed17b53bdbf1804512c3e37132e47dedb664

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:15:20 GMT
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
age: 61330
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Thu, 22 Jul 2021 21:06:32 GMT
server: AmazonS3
etag: "646bdbdbff1c79f137235ac670cbdc4b"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Tr8raIQ8h9fIZ0xhD5zfjavvfn79TJWHUJ-NtQcIcg329mBSFR28eQ==

GET
BLOB 200
OK f87d298a-f128-4c00-b867-6df7529e5a92
https://www.dailyfaceoff.com/ Frame C2C3 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dailyfaceoff.com/f87d298a-f128-4c00-b867-6df7529e5a92
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK f498339d-3b40-4803-b61b-e3c638e96783
https://www.dailyfaceoff.com/ Frame C2C3 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dailyfaceoff.com/f498339d-3b40-4803-b61b-e3c638e96783
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK 66b87c68-2fe5-4947-8fd5-75e23a09cb48
https://www.dailyfaceoff.com/ Frame C2C3 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dailyfaceoff.com/66b87c68-2fe5-4947-8fd5-75e23a09cb48
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3E2C 26 KB
7 KB 470ms
438ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fdailyfaceoff-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214015653-wNjlkysrEgypwVDw%26schain%3Dsendtonews.com%2C36C2bnRbPZ0bYGuOS4rjpg%26content%3D1225%26placementType%3DPremium%26embed%3D0LyMZWq5%26domain%3Ddailyfaceoff.com%26player_size%3Dlarge%26player_width%3D995%26player_height%3D560%26player_type%3Dbarker%26version%3D65.18.9%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00002%26rand%3D7%26iris_context%3Dundefined&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailyfaceoff.com%2F&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1721&hl=en&cmsid=2460952&vconp=2&video_doc_id=1426890&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3012200687&sdk_apis=2%2C8&sid=E947F8F9-B4C3-47B6-A235-1EFDFF417A20&dlt=1627049846796&idt=2286&dt=1627049849530&cookie_enabled=1&correlator=570789809169762&scor=1527745925891820&ged=ve4_td3_tt1_pd3_la3000_er3818.100.4378.1095_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

422ee60b6fa13851b69c89bcc19e17210ef74dfcc266cfe4def417bf93e84bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3ss56290rr5246o62os6o0no55o122s4.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame C2C3 539 B
1 KB 28ms
28ms XHR
application/x-mpegurl 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3ss56290rr5246o62os6o0no55o122s4.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67e8d3017c2707cdb54c4240ad3c029b0ea40e73dddcfb87448e4783ff912e88

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:15:20 GMT
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
age: 61329
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 539
last-modified: Thu, 22 Jul 2021 21:06:47 GMT
server: AmazonS3
etag: "bcf8a31cb0a9932e77b61fd5e8339f3f"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: _tX5gT-WGeZYgb65qGlHMuXTm1P3_g0u3Aem-LiNDYA5i53Yw4ZoFg==

GET
H2 200 3ss56290rr5246o62os6o0no55o122s4-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame C2C3 338 KB
339 KB 36ms
36ms XHR
video/mp2t 13.226.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3ss56290rr5246o62os6o0no55o122s4-00001.ts
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbecdd91a8861a363a882af5c4168f09767b0a7cb231d0b4879c04c781e2d64e

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 21:15:21 GMT
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
age: 61329
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 346484
last-modified: Thu, 22 Jul 2021 21:06:46 GMT
server: AmazonS3
etag: "aae9fd94654d2b9f8285ff2fbda30dea"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: YoNjacqQ-jjUWuzcv6WfFJ3VgRfRHD8TPbf8sog2ZYCxObYSm0vbGQ==

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3E2C 29 KB
14 KB 109ms
53ms XHR
text/xml 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AuVyu2zRo0ZOVzc5wRSQtsjQpyZdDxqeZXkBX6Nzs4cYl46h-bLtFLZsWJMcIk43OJavKX-LYD-2iY2OlGG6-aKI-pUA&cry=1&dbm_d=AKAmf-DNS7F0d1ObAmEBfJra4GFlpKA6ZraLM1DpvlF-HwjxHO_UuCB93LrSvqCwNytHVubxfUOrHBMleDkPtiB1Q5TeAK_6thZzAAkL0dsT2FBNfiqppV5anjOwkQt4n6j7R1vL3WJuNBUKH_g_M8obZi7ILFr79ltOvIxxTYt9-Wi9RjaOdEywQqMQpim50QxeXeT3jXutPTZyi2lfiYYLfvi_OtsThPs3ohG0hw0FxnLN-rWx9oOAd0SHjPVnAd4f7maHS1VQMnHI7LuZ35VOoI81wfm_M9sjQ8RqZTwxaiF5vTs0InHyWquD3pDYgC_N2G0EQknE6XddPdy9-Upxl03UYj2wpE9NhqtVOkVsWBBubIOjKRSJZNFyerw4uphttRhDKa7gBPtaM9bHi1PCL7OeGlrqSsFfRtuxOl_Wej0mrwswRT70kxDCvkgyh3PbEzzHU8x9Yn32uLAhZeuEgdo7xa438B9suzAzycLDBhS1H-9wEXlQFPg-4t_2NGMJaMQ5WO-QToXvP1YNKR5Ql79p3pgJHYonaBKhXWuqXpxQA4XKS4YwL8-k6AkfxZ1DJnZCn-H-YFlF6TyqjmPWwl4tvH-AHVeH4RTW1GgyEao-dp3DTCkpEuQ7G4MlDS8jf1PDlK8AzdR-2ye_gAW69lx3WCyc3eP2ZQdcy9yTKhtQeJq410G3YTunfgAgsBIHs_0Pi--J6kLyLTWtcbCw41ETm9Q-uTXuTu6CXxEv_GLw2tbe5wgXeQQqPwWwKZ2mQyhgaNQvek4FyAm5a8pp2tiPJqC9Go2ee2nqXZXBWUjkUcYaqKlCbix5X07Ts0_HkKnJaq4Ub217XW2VLes7f2Wh_Sy6TK9R9VP3OGMerKK_CHqM2z84va1SHaEJMMf6vH4E7dy2im3NeH-BN8wMaQ9h8gnGrDGoLLA9Ogg1C5RNVAFTJ2Mnx856pwSHFCCn8CSHFWZ2fAfydSZJfrGl8wnGXm-cllizBrVUUg_1R8eGoJ-hF3jrnVPL--rb54WEPC8RjWR1mLj95IhT60LD_iuNJTWpcAf8T7Uh0Z5JLu0tzu_6QdMfdvYcOAQPvyZnUXwYX0cKSHffg0UQsM-IIFklStt2eJJsr1oV-MvrXaCbhnp5QDg7Jt2Gt78VNIW5yxBJxjFkcel29OoXrxabXU7eemlSGaP8xBB5UghrU2gXnHQED5KCtC-Wgg7cigW5FoSHl2Gy70Ak0KgTp7ZEdT2fsElusb4W2SGDwrk1_NSfz1sQW4hdkxl0TVh8_TgX0wj2_5pl2hpTgekF6WMKITKWaSonGc3Y66EFXnz5iGTecpCRtbg5esbN6r8xLyD9Z3nuts5J002QqnJ0HPls7PrCtr3AK0H160yjzkZOn9Ii-Q429RlVwgY1JxCwo3j3FdoBiXiNHhMjqLo_4zbNmGSSI2ablHdXuRs4FhZW149YXs93d7oe-7HZPJ0DCQ9zd340kKivZIzZYeDMMulZkWAV_a3GzaT2GT4BRjUrD912dzhED1ZbkbGEE5pH0tn7hli8yiEXpVK49msuqmuBxTiCMRL152yG1oIWSyq19UBQYRuSuZMBhvfmxIPRKYRMn94BJCntZ4ze6zEFNTO22YHzpv7ww2Z9sjwgK-hyPiJ2Vrz7SDeq1OWqyjLbBdlqtv2Lc0W-tfhFUHQM3Wiquk8D_3IHKWT_VLI55wILWfsBZ8YBAKVTKw0tagi9RW3iLt6oOh22sQwazIGcECEOmSkAN_zIewrMXEek6Uy7bEolcuggdpXfXZBCGDh1TWHJZLgoDAvjitir0fWTLerDi3xz1ofx1YN2ViK-TCmZDPG8XiwU4BwyGEAhcFyUx7iH9XRsr2F5DGCZ3okdr_jKosRmBE4rRCqQTFdL949JZpxIlhtnxdl1O7Uyb41A0ecMY2JzhOhwHFeeT5UovuDUfFsstWe_R__GRrqmtUoVxbq19MyB065hBj8YQNTD1WpZClB2z1qmNKUs3w1uy44i85Rw6DCRDWwcumwaGBasPa7VaWP3f7a60GbSrkutpF-ZVxpHwdcaIaje00YyIbofEtkT1oebD5gQ-UiNPuy_pQ7y4J9on194zBHj0m-zS77-NJfA3ho7PyGS7w0iokPvsSC98UtCNevY2lkHrkQaBp066NqrMFouwxO8NGDLJX25xw4lyK7r4WpPau2j-r-AbvW6lWyEXSDkoFKjTBhEKvrYagZ_PqhG5qICLDfJ_X5XE-XIswTqR_pgoquXCmtLZNglF-Zcr_qsICa3vulaYYe_UE2GUEAr_nprWEiskToiFYWkJF9S7NNWbr3YN1nN6ELoHq2Iv7JIwloeKqmfA41mJeQIgecwVdooM8EW6UAJhReGHCbCVgv0V1Q1eL0mV0NXpvrMeg1Jpix3cvUyZ87RhVwL1Rd_TlT7XtWje1KFYX9N5wy3WWUJrc79t_sL29FgWtgdSCJs2ucUjXzrDTizUuKc3zXfKWi081LxWMjExifWA-Lq-CA5WqoYS3llBzemixuZgiYobuk75d90mKnRcUMGxt7YCaGN1h1RyQMEL-tW6VHU2eCWvjCzMWlDBmRX5U0BQuici-RyuvPpGyKDzwSe6hFzCwiIFAiIHIKlTMlFwYBdUGBYjG9vCimnz38mE_VBNmWD_tiM5o8MOUed3Szer2cW8WvlU0zVH1jYekWsQ0JAt37Rm-hy86PhtRejlWR5Qc57G7cWVkbp8hjoJgCwuGLD3Rlj5VUyqpHUhTJxxz79WT7qIa25427zF3D3hhcrGFntX944IG4sRJifXb-CrmKkFmvX9YQTAmjUILMCu7-S5y28eXhXV5O5_ZDRoUW2j1b4qql_SUrD8RGBua7hiw5iTklVwol1GIVRGMvbWQienBbELB1M5kuJfpGlfBjgxcop1XPEn2rip4y3RLV3_D6DEekyKcuGIFDAmy2jSyiCYc7NXI-QduyfcTWXtDsY_2bqcTHe7_jWMsYFbFH-bDjIbHVrMCPTCH2DM5_Ljv-ukVodAke7815StpSeJraZHuFxx8JpZgjyPcCHRzxalYwZy97CC-nFWXyUr--3AMDXlwarn3C7ZrRvCfGq1uWQ5bW83D0UYb-Ls12lFFJR0MfxUL51u7rb7Dg0FioT-RXTzeLTUmL5EOHRvu6ljvK96ghGJjRe01v5wE2RHPfZpLQdpVivV_WyTMLh-xEi6nZRNUGQiEFCvzkDjlJX8fnGnr8zSdTGFWCsJ5GXYbHOqIXeWUzuFMG1LaRrxRJ8oOjzmjoagNke0qYqN8mk5HcBwM3MixtCTOPnoKmKTlxC3GsCJNGmux1-ON7KcUY8jXCYiGxxtsrpnlO2Tu5KB7UDgZb99NXoPnRUpCy1S34cwB9vdHDIbLDi7mlFB1XmXy01&cid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw&vpa=auto&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3012200687&sdk_apis=2%2C8&sid=E947F8F9-B4C3-47B6-A235-1EFDFF417A20&url=https%3A%2F%2Fwww.dailyfaceoff.com%2F&dlt=1627049846796&idt=2286&dt=1627049850017&ged=ve4_td3_tt1_pd3_la3000_er3818.100.4378.1095_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0445824bfe7b1dc6ca9236f6a3614609eb79c6d357b134c685783ae27372fbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13812
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E2C 0
348 B 500ms
178ms Ping
image/gif 2607:f8b0:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krgfgycv&c=7374869826881&slotId=3687434913440.5&qqid=CMLzxoKx-fECFcOjdwodTl0Pmw&gqid=ec_6YJq5I4iRrASYl5nIAw&fb=ima_html5-lima&sdkv=h.3.472.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&vmfc=16&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
121 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 3E2C 0
0 63ms
62ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CNVsiec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNIBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1PqAMWr7pP0AO7nBHRluDGtyzcCDluZ_3Hs2Q9ZwASW98fJzAPgBAOIBcmFr-4zkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf__aKnAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcKEOnjEBjc0f6vAdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjM4ODE4OTg0MjY0MjU5MYAKA8gLAbATssyJDMgTvrHa3QPQEwDYEwqIFALYFAHQFQGAFwGyFxoKGAgAEhRwdWItOTUwNTgyMzc0Mzk3ODMzNw&sigh=mRIDCg9xAGY&cmd=Ch1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzNxAAGAI&cid=CAQSPwCNIrLMivTnT60frq4HWefacFd11tj79HwOR-6et2YEiyn_sNSb_RrQWKcnKPuYgNzxAQS_MsDrmHXn9FnuZA&vt=10&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjMI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame C2C3 0
54 B 472ms
180ms Ping
image/gif 2607:f8b0:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krgfgxsg&c=7374869826881&slotId=3687434913440.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

52
r5---sn-4g5ednsr.c.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C2C3
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-4g5ednsr.c.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/acao,ctier,expire,id,ip,ipbits,ita...

2 MB
2 MB

22ms
8ms

Media
video/mp4

2a00:1450:401e:28::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsr.c.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/710FFD79947F699F387E64B184245CBCE400AAF4.398E15A39A53E96B4F9E5F6FA6D07FEE62B2AA5B/key/cms1/cms_redirect/yes/mh/1h/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1627049551/mv/m/mvi/5/pl/52?cpn=NiWqkNQwLGL4Pepr&file=file.mp4

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:401e:28::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5b4b8416d34bd62e3cde070817610729acda61d2f511bb046db459ad051f3fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Jul 2021 15:20:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2238896/2238897
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2238897
Expires: Fri, 23 Jul 2021 14:17:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5ednsr.c.2mdn.net/videoplayback/id/3efde2296afe327c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1658585850/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/710FFD79947F699F387E64B184245CBCE400AAF4.398E15A39A53E96B4F9E5F6FA6D07FEE62B2AA5B/key/cms1/cms_redirect/yes/mh/1h/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1627049551/mv/m/mvi/5/pl/52?cpn=NiWqkNQwLGL4Pepr&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 675
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3E2C 0
54 B 461ms
179ms Ping
image/gif 2607:f8b0:4007:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~krgfgz6i&c=7374869826881&slotId=3687434913440.5&qqid=CMLzxoKx-fECFcOjdwodTl0Pmw&gqid=ec_6YJq5I4iRrASYl5nIAw&fb=ima_html5-lima&sdkv=h.3.472.0&mrd=4&aab=0&itv=1&gpm_i=16&gpm_c=16&gpm_a=13&smb=1000&br=996&mt=video%2Fmp4&vs=640x360&webm=3&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
64 B 26ms
24ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E2C 41 KB
15 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 13:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:01 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E2C 0
20 B 52ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E2C 0
592 B 130ms
68ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstC1HIAwKMwE-fFaZgrzQZqP67MpvF7E8uzECQP5cJ72VpGM5PoKHIAs6-TzoJqZB6JeUTQ31ycCmNGyKZpl7eqwX7Gesc4FZdfKIBq_LiM5tcs7W76Vt_iKAInLeKDKexJPxz_dLB9h-SGSAe84T5m9B4viLEjNNbTcbsSW__03FpCcOUjfOuPEu9CtABE-6cr3MaI9bb4FiZpCBMXzNvSIskTX2E9EUWs2qKG45lAFT7hdh-o5FyD9SJTH055Mcczj6RLU3KouSjeN9kxL6ooYVKySyatdsX4R8c5mwcm2hIW8fXgoZvhOxhv-ZYvJohG9LWeeMk1atUjengv2p8x5ATvB84fTTgXYoFGaLNQPfqABgp1MtHxKgQMJnvKcb_c4EC9J-IXvcUKBolgJneU9slev1puYtooiEM-6JbVozaDLvj0vv2z_Eyoewf1yklPybRtUezsSPEQAPFNW1GQ973usfUQegRLhByf9ro7mGwwhaDaIh_R0iR01ewAgOCimsOqbSn-7zqIjLkE0hviftGAC-sS_EfxJofEUCoYAJW95unUzo0yjCcZi7wuT8C6GXeksGndCRxLrF_XdNklYr9g3fn2PpjDeSITcHzOGIsh4gJFUqcf3YoEG2MEAep9wabtsxgjm1AIK-TUrsTmzMJv9H9o0hMU-mGUmNAiWeXHTbZEFcW7fCvg3V6oLOOSNOTCcRGaU4-sXOgqSGGypHRBntv4Il2wuCaqDPvD3Ido_Mt5wLrBNuezsepwsbOz56S9fcx0D1FwxkIj4gKhEmxp5KtFEoHOneHwOUUKia8ZW1AbcZ7gMKPQ9RVsU-oROy0xuRrVdlnuntrqhWig5eSI6n0YRf2WnA-BTm1aHJKZBxX3eYpKtSeg80Wep6t-_nOKoYRofngDuZLixkFStsqMJIuR9fT4DSATN4207aHtwJv5MPiaZU-AzqoSRLnp9JGHzPhqRHtyjaNOKRdZ0xPtMnV9c2OZRi9J2woiK-iFytwxv5XRfkJVm2OzmQbg9UOg7gU2FKd_kuT1bdTqI6Es9yNSKAYFvA78rQKWrkcrxfEsPiyFRTS27-KVZfFsVdMzWqq2VmMK5491B_H1i-TRM7LwpT-nzfX5aQaVhXe37Kbgfl6s6I_sa57hBCbxFVFmMtEZXs787sc&sai=AMfl-YQrv058THZWFAKqj6f8cRECGn2JsjRz61v0Qr3pUzhoMW6848np0OSyl3i3cHVCl1uM_gPo5qEIXtdJoyISOUxfb44Qy8X4YqcMAHX9TVtYO4gOoJt363G8jbEXEJYH-Usz8601bUguQHv-N6ocFGVVUwEHJFb5SVXuQts&sig=Cg0ArKJSzMfmlZActpa_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.472.0&adurl=

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 23 Jul 2021 14:17:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E2C 0
0 19ms
17ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiEVRDrv6gCGNzR_q8BIAEwAQ&v=APEucNU4bj2H7DA6Gl4kHsLsAbdBp-LfK_974cxP0hBbgC_16BbXjXnNkZycKHoln9cONhBhFTlpCqEG5SBIQ5df3jiqrNpoMw
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpcniec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNUBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1OyAV9efQGUklcB6SOFVQ5nWxfBnnQaaV5vZ19BACXrwASW98fJzAPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=1CT8DdNAuPA&label=vast_creativeview&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850286%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1627049850171&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjYI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNSIMBUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26c...
ade.googlesyndication.com/ddm/activity/ Frame 3E2C 42 B
107 B 126ms
66ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850288%26pngs%3D9,14,200103c,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627049850171;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3E2C 42 B
64 B 54ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIBNZ1z-9xCxoi5dlvFK8ZRhBgZwc3UM_BBbR7LUqSss64u1H8-KIxqkhpq2m5OPFetE2uJA30BQjwBgTYw_gzN7xpSIaN5pB934EBONdQ8MV6VXDp-kVzng7duw&sai=AMfl-YRPN0qQbYlBytbiy5e1WpFsAfLU_JukJphOBWG9oMYhbC65DNaRLdGxnv83AjupYzCR_U0Bf5sqT3enc2LPHZJJrj4Bpjy5nVmYCPTtEAONtmUZjzbc1pO7Bp87OjuT&sig=Cg0ArKJSzFlabc6wGAI3EAE&cid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850288%26pngs%3D9,14,200103c,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627049850171&avm=1

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26c...
ade.googlesyndication.com/ddm/activity/ Frame 3E2C 42 B
515 B 126ms
65ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850292%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627049850171;dc_rfl=1,https%253A%252F%252Fwww.dailyfaceoff.com%252F%240;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpcniec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNUBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1OyAV9efQGUklcB6SOFVQ5nWxfBnnQaaV5vZ19BACXrwASW98fJzAPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=1CT8DdNAuPA&label=part2viewed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850292%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627049850171&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjYI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNSIMBUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D19%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D19%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D19%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850298%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627049850171;ecn1=1;etm1=0;eid1=16;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpcniec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNUBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1OyAV9efQGUklcB6SOFVQ5nWxfBnnQaaV5vZ19BACXrwASW98fJzAPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=1CT8DdNAuPA&label=admute&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D3818,100,4378,1095%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D19%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D19%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D19%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1627049850298%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1627049850171&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjYI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNSIMBUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame C2C3 0
253 B 139ms
137ms XHR
text/html 54.225.171.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=0LyMZWq5&ES_key=0LyMZWq5&ES_ID=27500&S_RKEY=eNJsE7YRpk&USR_ID=214015653&ST_usrKey=wNjlkysrEgypwVDw&SM_ID=1426890&C_ID=8803&C_companyName=TNN%20-%20Daily%20Faceoff&version=650180090&sC_ID=1225&AC_ID=2008&TYPE=BARKER&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&PLAYERWIDTH=995&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.18.9/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.171.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-171-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:30 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Fri, 23 Jul 2021 14:17:31 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame C2C3 26 B
186 B 113ms
112ms Image
image/gif 34.224.251.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=wNjlkysrEgypwVDw&instance=214015653&version=65.18.9&age=210723&cmd=INV&key=0LyMZWq5&c_id=8803&seq=1&EXTREF=https://www.dailyfaceoff.com/&REF=https://www.dailyfaceoff.com/&playerCfg=BR&alt=0&sC_ID=1225&sm_id=1426890&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.251.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-251-126.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:30 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame C2C3 64 B
443 B 38ms
38ms Image
image/gif 13.226.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1426890&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1627049850317&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1400&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=WHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=&c9=
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-29.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:30 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 8wtbFsEzfmYaa401G45YBoKqOxN3CayzgzApqZRcz8HsnuStv5KCbQ==

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 57C1 23 KB
9 KB 21ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Thu, 22 Jul 2021 13:25:02 GMT
expires: Fri, 22 Jul 2022 13:25:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 89548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 9ed6_nQfnMrUg05r027NxL2aUp_091DFxQGup7yyecw.js Show response
pagead2.googlesyndication.com/bg/ Frame 57C1 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ed6_nQfnMrUg05r027NxL2aUp_091DFxQGup7yyecw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e77afe741f9ccad4834e6bd36ecdc4bd9a529ff4f750c5c501aea7bcb279cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13294
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 14:01:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57C1 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.472.0&bgai=BUwTLes_6YPuzBZqIlgTpt5r4BAAAAAA4AeAEAg&bg=!VValVhLNAAbnC78O5ws7ACkAdvg8WlRLWU_s6LY7zE4MeT0TtjId0R63rubg40D8xFbcZu13v_8-zgIAAAB8UgAAAA5oAQcKAHvYK1wqYTYbm-wx4VdPTfb6HGGVJdhBWSaFdCeXiwgH8xmCr-mhuEQkb7G6tpxqq8cxqkJMN4VW1GD-qM-2vd8MsxC_1ntXpowOGtUw8c9Uafln7DmoHoLUQk4lxOPTYiTXTQTQhQSH2zEvNspzyQrc6ID8XUxuD6fHwbmZArSGGe1iUs18dQlBhZYgJzZ0YSRLMcQojcAp0SrKPG77Iowuk2KaGCy2WamARPZGWzw33io937fV4YcYqIcT9UnKlf8gqMa86Y-6xhc1C_a0AZA2FEVDaplq9qmj8mULFA7bGkk-ACtfw161xka-Ny58IqFdFsyM7LFW1UV6UZyt2ey06gZiEeA1Kl63nRiWnzaTn5rjQ33A88rREx_5XJuik80V9qVuifkPTi9zehLUuaGToDF4bz52xNAJRtFpIHB6SPc5vC3vPfetBObkWpabDyyzYAcMxi6h10ncnOgXaheBRIUMorAXT-fPqdrOwOOQvp506L0NTjGdj4wADaLspWKVgvYOlbaQroWvLuR2LiBLUWMMZyT5cQSj_ksc_o1k5sGXuX_pDUrdD_dV9reb4kToEjfeJwQ2KhWkrxAVfj_126W4OrLJNf97LSHJg2e3gz_cZ-YmzJP6RZUXtuVmUj7sFCugB-dOxczVLwdAVN5vIvTn_LjZhNcacGuRL7zqwC4eYQ_78e0AoZH50JmPKgeO0E-Sg7aEJmMa5O6cTIUCa-Ncvxa74W6lBGWxLcP_szmU50qxHFOA9yQtrjJrSKtc5YrfUldWylUEiEyienFxitPC62gmjg2-iuKCA_2LPnjZTf6A40WLu8QrZlyqNDJlmVb4nE1S5Iq5ng3eNJk1JmoEHJFu6WfFK5NpA9SEUuMMM3hyGv2LZB_uKKbYEm44Li0TO1wpwnvASCU0ORXZF0noLsPcGohwD8IAy7o4RA3d8bggu_J-dOLe2dua49jCPn9zGHWq7TQMQgEKsCSUay4_OUT_Q69RF87b8Ln4sbsAlZoutYD5VsMn7joRTPcU-EnmwlAnuetcjnHqeK8bg_eVXt0oxJhpu4b9e5fK9E2Re4yclnlMy20IZPX2fPC4Tw

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame F971
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
753 B

29ms
28ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: ddba832ab48ccd9c9d4ca77deb6354263ff35993f311f295188dbef5420b38dc

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyfaceoff.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ffbc1cc9-b630-4bd9-acf1-076c1246cf73|1627049852
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailyfaceoff.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=ffbc1cc9-b630-4bd9-acf1-076c1246cf73|1627049852; Version=1; Expires=Sat, 23-Jul-2022 14:17:32 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1627049852|gekin0vNiygu; Version=1; Expires=Sat, 07-Aug-2021 14:17:32 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 23 Jul 2021 14:17:32 GMT
content-type: text/html
content-length: 421
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=ffbc1cc9-b630-4bd9-acf1-076c1246cf73|1627049852; Version=1; Expires=Sat, 23-Jul-2022 14:17:32 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Fri, 23 Jul 2021 14:17:32 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8BD4 281 B
554 B 75ms
23ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dailyfaceoff.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailyfaceoff.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Jul 2021 14:17:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/ Frame C2C3
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiODVhMGViZS1lYmMwLTExZWItOGM1Mi0wNjJjN2Q0MmIwOWE%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEK6Mu62B64zKD0D6lp7djs4&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK6Mu62B64zKD0D6lp7djs4&google_cver=1&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a

0
1 KB

29ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK6Mu62B64zKD0D6lp7djs4&google_cver=1&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:32 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK6Mu62B64zKD0D6lp7djs4&google_cver=1&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a
date: Fri, 23 Jul 2021 14:17:32 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/ Frame C2C3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a&verify=true

0
1 KB

30ms
29ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a&verify=true

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:32 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 23 Jul 2021 14:17:32 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPrPfAADBN2HigAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPrPfAADBN2HigAC&apid=UPb85a0ebe-ebc0-11eb-8c52-062c7d42b09a&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/ Frame C2C3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ece48222-8560-4ced-a151-8d71ba5753c1&_origin=1&gdpr=1&gdpr_consent=

0
234 B

84ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=ece48222-8560-4ced-a151-8d71ba5753c1&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:32 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=ece48222-8560-4ced-a151-8d71ba5753c1&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F971
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=041d60fa-cf7c-4800-9c3e-4029ad42fb1b

43 B
106 B

30ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=041d60fa-cf7c-4800-9c3e-4029ad42fb1b
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 23 Jul 2021 14:16:54 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=041d60fa-cf7c-4800-9c3e-4029ad42fb1b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 23 Jul 2021 14:16:53 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F971
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K6KUxX70xccwpJOULqXflCn0kcEw9pORKvEbOO_y

43 B
122 B

28ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K6KUxX70xccwpJOULqXflCn0kcEw9pORKvEbOO_y
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K6KUxX70xccwpJOULqXflCn0kcEw9pORKvEbOO_y
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F971
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1372736530039405411

43 B
106 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1372736530039405411
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1372736530039405411
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame F971 70 B
264 B 40ms
39ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=2c102390-1fb7-742e-f627-cf847661fc8e&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F971
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA3ZmYwNWEtZDZjMC0yYThhLWUzYzctOTUzZGJjODMzMmVl
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA3ZmYwNWEtZDZjMC0yYThhLWUzYzctOTUzZGJjODMzMmVl&google_tc=

170 B
188 B

72ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA3ZmYwNWEtZDZjMC0yYThhLWUzYzctOTUzZGJjODMzMmVl&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA3ZmYwNWEtZDZjMC0yYThhLWUzYzctOTUzZGJjODMzMmVl&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F971
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENprJVg5ZHhy4c4yC2WAZok&google_cver=1

43 B
106 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENprJVg5ZHhy4c4yC2WAZok&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENprJVg5ZHhy4c4yC2WAZok&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8BD4 31 KB
10 KB 33ms
33ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:17:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22002
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Fri, 23 Jul 2021 20:24:14 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8BD4 284 B
536 B 130ms
37ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2238%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D635%26pst%3D433%26dur%3D15018%26vmtime%3D1949%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2219%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1627049852517%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171;ecn1=1;etm1=0;eid1=200000;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3E2C 42 B
289 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIBNZ1z-9xCxoi5dlvFK8ZRhBgZwc3UM_BBbR7LUqSss64u1H8-KIxqkhpq2m5OPFetE2uJA30BQjwBgTYw_gzN7xpSIaN5pB934EBONdQ8MV6VXDp-kVzng7duw&sai=AMfl-YRPN0qQbYlBytbiy5e1WpFsAfLU_JukJphOBWG9oMYhbC65DNaRLdGxnv83AjupYzCR_U0Bf5sqT3enc2LPHZJJrj4Bpjy5nVmYCPTtEAONtmUZjzbc1pO7Bp87OjuT&sig=Cg0ArKJSzFlabc6wGAI3EAE&cid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2238%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D635%26pst%3D433%26dur%3D15018%26vmtime%3D1949%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2219%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1627049852517%26pngs%3D9,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3763,0,0,0,0%26mtos%3D3763,3763,3763,3763,3763%26amtos%3D0,0,0,0,0%26mcvt%3D3763%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D838%26pst%3D433%26dur%3D15018%26vmtime%3D3949%26dtos%3D1757%26dtoss%3D2%26dvs%3D1757%26dfvs%3D1757%26dvpt%3D1757%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3763,3763,3763,3763,3763%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1627049854273%26pngs%3D9s,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3763;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171;ecn1=1;etm1=0;eid1=960584;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
210 B 17ms
16ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpcniec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNUBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1OyAV9efQGUklcB6SOFVQ5nWxfBnnQaaV5vZ19BACXrwASW98fJzAPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=1CT8DdNAuPA&label=videoplaytime25&ad_mt=3949&acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3763,0,0,0,0%26mtos%3D3763,3763,3763,3763,3763%26amtos%3D0,0,0,0,0%26mcvt%3D3763%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D838%26pst%3D433%26dur%3D15018%26vmtime%3D3949%26dtos%3D1757%26dtoss%3D2%26dvs%3D1757%26dfvs%3D1757%26dvpt%3D1757%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3763,3763,3763,3763,3763%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1627049854273%26pngs%3D9s,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3763&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjYI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNSIMBUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D7513,0,0,0,0%26mtos%3D7513,7513,7513,7513,7513%26amtos%3D0,0,0,0,0%26mcvt%3D7513%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1641%26pst%3D433%26dur%3D15018%26vmtime%3D7699%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D39,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483393%26psv%3D255%26psfv%3D255%26psa%3D0%26ptlt%3D1627049858025%26pngs%3D9s,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7513;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171;ecn1=1;etm1=0;eid1=18;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
210 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpcniec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNUBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1OyAV9efQGUklcB6SOFVQ5nWxfBnnQaaV5vZ19BACXrwASW98fJzAPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=1CT8DdNAuPA&label=videoplaytime50&ad_mt=7699&acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D7513,0,0,0,0%26mtos%3D7513,7513,7513,7513,7513%26amtos%3D0,0,0,0,0%26mcvt%3D7513%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1641%26pst%3D433%26dur%3D15018%26vmtime%3D7699%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D39,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147483393%26psv%3D255%26psfv%3D255%26psa%3D0%26ptlt%3D1627049858025%26pngs%3D9s,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7513&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjYI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNSIMBUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame C2C3
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...

64 B
331 B

43ms
42ms

Image
image/gif

13.226.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10034&ns_st_cl=15000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1426890&ns_st_pt=10034&ns_st_dpt=10034&ns_st_ipt=10034&ns_st_ap=10034&ns_st_dap=10034&ns_st_et=10034&ns_st_det=10034&ns_st_upc=10034&ns_st_dupc=10034&ns_st_iupc=10034&ns_st_upa=10034&ns_st_dupa=10034&ns_st_iupa=10034&ns_st_lpc=10034&ns_st_dlpc=10034&ns_st_lpa=10034&ns_st_dlpa=10034&ns_st_pa=10034&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1627049860351&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=WHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=&c9=
Requested by: Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-29.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.dailyfaceoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 14:17:40 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 9-Jp7G75z8iyLBwHZFpsWO1SIinYkKwjCW27kys_p0HAxwzELnbH4w==

Redirect headers

date: Fri, 23 Jul 2021 14:17:40 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1627049848917&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10034&ns_st_cl=15000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=pre-roll&ns_st_ci=1426890&ns_st_pt=10034&ns_st_dpt=10034&ns_st_ipt=10034&ns_st_ap=10034&ns_st_dap=10034&ns_st_et=10034&ns_st_det=10034&ns_st_upc=10034&ns_st_dupc=10034&ns_st_iupc=10034&ns_st_upa=10034&ns_st_dupa=10034&ns_st_iupa=10034&ns_st_lpc=10034&ns_st_dlpc=10034&ns_st_lpa=10034&ns_st_dlpa=10034&ns_st_pa=10034&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1627049860351&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va11&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=WHL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.dailyfaceoff.com%2F&c8=&c9=
content-length: 1235
x-amz-cf-id: SVT0TZUsN-ZIxXHB9uMJqgxi2Btp_FZQMjhltK63gPT92TWOYrgmIw==

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9jigrH58QIVGoSFCh3pmwZPEAAYACDPjuVJOhoIvrHApwEQlvfHycwDGL6x2t0DIO29ubSFDkITCMLzxoKx-fECFcOjdwodTl0Pmw;dc_rmcid=CAASFeRo9goXt1v3LBzbuu-6FPvdgIxPGw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D11265,0,0,0,0%26mtos%3D11265,11265,11265,11265,11265%26amtos%3D0,0,0,0,0%26mcvt%3D11265%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11497%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2446%26pst%3D433%26dur%3D15018%26vmtime%3D11444%26dtos%3D3752%26dtoss%3D4%26dvs%3D3752%26dfvs%3D3752%26dvpt%3D3752%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3752,3752,3752,3752,3752%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D58%26emuc%3D0%26emb%3D57,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147479553%26psv%3D4095%26psfv%3D4095%26psa%3D0%26ptlt%3D1627049861776%26pngs%3D9s,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11265;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171;ecn1=1;etm1=0;eid1=960585;

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3E2C 42 B
210 B 18ms
17ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpcniec_6YILTJsPH3gPOur3YCfLKgedj7b25tIUOwI23ARABIPHr-0ZgufjHgNwBoAHpgd3YAsgBBakC3DhzZ8u9sz6oAwHIAxOYBACqBNUBT9A2FwPS_w67CxoZGxK6-39OH1Jf1xYpPR8K3FBp0kuAtxlLOaV6ShHDpNALUttlOzOheVVt-wZGlkHYVWBOmbmPgT7_dMfN8cFyN5y7Hyln0YsQAwinTqb8h-r2cDU_ylXU29veFFl9_s-gJdaVfyxtJKecIxKRHy44oJ5vELFup8dJm9Ce7Ir1laJPlXluOqC_1zXjghcVfvlO5doMAkqrzKJIOS8qih-X0IuCWcpH1Z13V1OyAV9efQGUklcB6SOFVQ5nWxfBnnQaaV5vZ19BACXrwASW98fJzAPgBAOQBgGgBnaAB__9oqcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0yMzg4MTg5ODQyNjQyNTkxgAoDyAsB4AsBgAwBsBOyzIkMyBO-sdrdA9ATANgTCogUAtgUAdAVAYAXAQ&sigh=1CT8DdNAuPA&label=videoplaytime75&ad_mt=11445&acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D11265,0,0,0,0%26mtos%3D11265,11265,11265,11265,11265%26amtos%3D0,0,0,0,0%26mcvt%3D11265%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11497%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2446%26pst%3D433%26dur%3D15018%26vmtime%3D11444%26dtos%3D3752%26dtoss%3D4%26dvs%3D3752%26dfvs%3D3752%26dvpt%3D3752%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3752,3752,3752,3752,3752%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%3D200103%26femt%3D1103%26femvt%3D0%26emc%3D58%26emuc%3D0%26emb%3D57,0,0,0,0%26avms%3Dexc%26qi%3D137678280%26psm%3D-2147479553%26psv%3D4095%26psfv%3D4095%26psa%3D0%26ptlt%3D1627049861776%26pngs%3D9s,14,200103c,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11265&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1627049850171&sdkv=h.3.472.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzQwMDUxMDMyNzNA2wMKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDE0ODI1MzEyCTE1NDc0ODc1MUByUjYI5AcQDyUAAHBBKAE6CzM2OTA3NjQ0NC0xQgRHREJNSIMBUABaEE5pV3FrTlF3TEdMNFBlcHIYAQ..

Requested by

Host: www.dailyfaceoff.com
URL: https://www.dailyfaceoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 14:17:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

3850 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dailyfaceoff.com/	1970-01-19 19:58:56	Name: _gid Value: GA1.2.1629008071.1627049848
.www.dailyfaceoff.com/	1970-01-19 19:57:31	Name: __stripe_sid Value: d445c218-bf7f-4a6d-b58b-af32d21e4714331da6
.dailyfaceoff.com/	1970-01-20 13:28:41	Name: _ga Value: GA1.2.1671071275.1627049848
.www.dailyfaceoff.com/	1970-01-20 04:43:05	Name: __stripe_mid Value: 452bdc9a-5222-47f7-8642-be4f9941399f018e96
.dailyfaceoff.com/	1970-01-19 19:57:29	Name: _dc_gtm_UA-2397777-11 Value: 1
.dailyfaceoff.com/	1970-01-19 22:07:05	Name: _fbp Value: fb.1.1627049847966.445544245

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://embed.sendtonews.com/player2/embedcode.php?fk=0LyMZWq5&cid=8803&floatwidth=400(Line 1) Message: %c SendtoNews %c %s background: #08C; color: #FFF; Installing Embed Code version 20210712 in origin root. [Webpack]
console-api	log	URL: https://embed.sendtonews.com/player2/embedcode.php?fk=0LyMZWq5&cid=8803&floatwidth=400(Line 1) Message: %c SendtoNews %c %s %o %s %o %s %s background: #C80; color: #FFF; Building from version 2 legacy tag at [object HTMLDivElement] with key 0LyMZWq5
console-api	info	URL: https://embed.sendtonews.com/player2/embedcode.php?fk=0LyMZWq5&cid=8803&floatwidth=400(Line 1) Message: %c SendtoNews %c %s %o background: #08C; color: #FFF; Installing player [0LyMZWq5] in element [object HTMLDivElement]
console-api	log	URL: https://s.dblks.net/ff/db.2633921.js(Line 1) Message: Adding dynamic slot dfo_dynamic_slot_1
console-api	log	URL: https://s.dblks.net/ff/db.2633921.js(Line 1) Message: Adding dynamic slot dfo_dynamic_slot_2
console-api	log	URL: https://s.dblks.net/ff/db.2633921.js(Line 1) Message: Adding dynamic slot dfo_dynamic_slot_3
console-api	log	URL: https://s.dblks.net/ff/db.2633921.js(Line 1) Message: Adding dynamic slot dfo_dynamic_slot_4
console-api	log	URL: https://s.dblks.net/ff/db.2633921.js(Line 1) Message: Adding dynamic slot dfo_dynamic_slot_5
console-api	log	URL: https://cdn.vuukle.com/platform.js(Line 2) Message: %c[VUUKLE] platform.js version: 3.13.7. Need help? Reach us at support[at]vuukle[dot]com color:#039BE5;
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 1721740624799960.
console-api	log	URL: https://player.sendtonews.com/player7/player/65.18.9/player.js(Line 1) Message: SendtoNews Player.js Version: WebPack - 65.18.9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.adaptv.advertising.com
adservice.google.com
api.dailyfaceoff.com
api.rlcdn.com
apis.google.com
assets.libsyn.com
bid.g.doubleclick.net
c1.adform.net
cdn.datatables.net
cdn.jsdelivr.net
cdn.resonate.com
cdn.taboola.com
cdn.vuukle.com
cdnjs.cloudflare.com
chalk-images.s3.amazonaws.com
checkout.stripe.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d29xw9s9x32j3w.cloudfront.net
embed.sendtonews.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
html5-player.libsyn.com
i0.wp.com
i1.wp.com
ib.adnxs.com
imasdk.googleapis.com
js-sec.indexww.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
maxcdn.bootstrapcdn.com
odds.oddsshark.com
pagead2.googlesyndication.com
pi979-10rsz.ads.tremorhub.com
pixel.advertising.com
pixel.quantserve.com
player.sendtonews.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
r5---sn-4g5ednsr.c.2mdn.net
s.dblks.net
s0.2mdn.net
s0.wp.com
s2l.sendtonews.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
search.spotxchange.com
secure.gravatar.com
securepubads.g.doubleclick.net
sendtonews-d.openx.net
ssl-static.libsyn.com
static.libsyn.com
static.thenationnetwork.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
timber.sendtonews.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
vuukle.com
www.dailyfaceoff.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.109.78.125
104.18.12.242
104.248.66.5
107.22.147.121
13.226.145.106
13.226.145.125
13.226.145.29
13.226.145.35
142.250.184.226
142.250.185.130
151.101.12.176
151.101.13.44
151.101.14.49
18.156.0.31
18.195.75.70
184.31.84.150
185.29.135.234
185.64.189.112
185.94.180.123
192.0.77.2
192.0.77.32
199.212.255.151
2.18.234.21
204.16.246.215
204.16.246.216
205.185.216.10
216.58.212.130
216.58.212.162
2600:1f18:612b:4232:b83a:59ae:1899:bbf2
2606:4700:10::6816:325d
2606:4700:10::6816:3ca8
2606:4700:10::6816:3da8
2606:4700:20::ac43:4488
2606:4700:3036::ac43:8e96
2606:4700::6810:125e
2606:4700::6812:bcf
2607:f8b0:4007:80d::2003
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a00:1450:401e:28::a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
2a04:fa87:fffe::c000:4902
3.122.214.52
34.120.133.55
34.224.251.126
34.98.64.218
35.156.106.231
37.157.6.251
37.252.172.249
44.229.66.179
52.217.89.92
52.218.181.112
54.225.171.108
54.243.196.16
64.233.184.155
69.173.144.138
76.223.111.131
00ce69011a4d93821e9320528e9469d820d5123f5001b9a2ba61a97a54e93ad0
039cabb7dc5d7ba87d8176fe8a5052c8119ebe1bca6cfa913acf5e904a7007a3
042f1cef0d455760639cfd578141c2179ac3c0a147c4fed12863b00d216a882e
0445824bfe7b1dc6ca9236f6a3614609eb79c6d357b134c685783ae27372fbbb
04b9259d35e7b12826b38db61a542f3a4f4ff7cba5a41662683f0a0c5ddbb81d
053e24e51e6f01f4284058a32b02bc972986d765e5a024f892de3e1c97bd635e
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
066173c71016f334be27e3ba7d388de7f464b7631edce28c2f9901d781e815f3
06f856a3da9f0e964bd4058c36b9385dc889acfaf86031e2213c1c5992c8f2bc
0867ee1df230c80dc1601a8c56c499fabe444ab3ec173ce8b901444560c8816d
0930249dab8da3985a65c0874352c70a8b110809823c0bfdc5ad01b02d1e7122
0a294b3f944461544bdbaaaaeddc645139a2d50c3a8c935adc816fb4c87f31df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0dfb242c92df672a6258738bee8f2ebbb225ae63245f2c31b2d10f3abc6afd92
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
13f8012f2773188bfefb79acfa30f77b08f3b5464aafa61426ed6d85a8ccfabf
15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1c0544eee057da1de2dd39ce4d0e674456b5cd8b66fc3477a75f97566a0ade5a
1c4cb9ba25db58c2f41c9d23e2d68bd508eb79b7b1be6d0b92dd2399501bc27e
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1ff7060257d37142f4fa30eb38912e2f09e94ef162a6d550371b03faf017f72c
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
21795501aba5faba6ca338419fd7b8f92b9eca70dd799dcb49d5d2e57bef43ec
22cf24dcc0bca1903e7ef36412cf926c0982a1784f828e91037e312c9c14be10
23dda07bcc257665b937985a24a105e5e759cda1bd2e277a0cb43acbf6f92f7e
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
2743c669769658c356ba36df42fa15eb4b608e8e2afc6c45291f150b728ca87c
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2a00ee542233ba8012bc0a1f62c24cebd2fcb7505dfdd3877bfaec7c7851ec90
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7dfcbd96933a59579d95c5499b8cbbd6d6150355e8eb2b3bec9405e5db0670
2cac99438be2f9aacaf1a63f220f5a4e0fb5f54d443ecde09652a650b0509f8b
2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6
2ec1d2032daf47da420abf0f0e67ab2654648aabdda55e89e6da392b6158c382
2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
30c48eef4e305a1f7e77d50dcac4b5f7baf250b0d55dfbab468db645bfb13c65
32d776dfb7de26bd8850b7bad1aeebbe8e86e2cb48a5d0c9908e90b77c78d06d
33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665
34053c8cad9514f5bfb9382535ea2ce394472358484cf1fd74a07e9e77273b46
35ad2369ec72753b3662f0aa719dd9173be3a636d617a6584c11b5d224af2aff
35b6e95475b106b5d5a58ce9e465adb8692f2b16c5e50e2e27278d976f2230f0
372053da5f05a5a53a7b9ed295e97b1b6306f0963c21cf168fe30ffef77090d0
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
376a82afb13703446a6c306ec6448ee30697d7e8125991716aecee82e6b3e06a
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38975d33f5e8cb9e72ebb9a19e878cba215cb9cf9ad35ebc7497608c8cc2cc5c
38f6bd5c4d72b87f811178633afc64659a36d24c0f7a256e641b7bb6f1d2e6d9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3fd4d7f1df68d5b4ef31162bd7e589dc1eac4baaa4cf94d536c2a08b479e9577
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
419bc457781431b3b9fa1f2fad33dabc6e2b58aa5aeacb9b642ab0a299dec6e4
422ee60b6fa13851b69c89bcc19e17210ef74dfcc266cfe4def417bf93e84bf7
423b8c827f2ce3b6d0d21b741afb078cc2b4393fef723ab44cc5b78de266cd34
456243f40e809b7721ad7c3ed956c6b45836f8b5d9ab5ef07f017d9484e1801a
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
46ccfda6e9a99ba82f041d998856aff7a2422708ef4c46a5cd119f0a02598409
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251
471c94cf4ddb265419b1500fdfc5a7d89d5bf24142506cb73595d1a4baf3e09c
476d9e48b0d5a604dbce0921ef4c0a8f8e44e265ef52faad0031cca0449d066c
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4932ec17fa2424bffa8517ae3daef7c4971ab112f201aed6f17fbb5f4c214de5
4c934534eb9fefa3ae15481defd2ac395d108538ac932da8299c02d0bd3faca0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcf797ecd41d505586912a9cb3d01745b0d2b51c98c2540d1f030a247020c6e
51d1bc719dfc930bdeab5a66c70087bf041d6e656fd662de9118b842d9e6524a
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a370fc8241711b302c1340a0f148db13da2c1140b17409c90099be23fcf9d4
576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a
58071d60d23e669438756d9c508bf141d8df6a1343734a4daa9c6f060720e811
5b4b8416d34bd62e3cde070817610729acda61d2f511bb046db459ad051f3fda
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
60e6785cf2f4577726ee450e679e7788a70431d07cd33771d749a0fa784cbad8
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
626e83a8a2d5bceefe3accf98722f8538b07db7a3de1f801ca13828448d00bf5
63beb36407e0bf39b60ee651a5888c04df3c6b5f3a681ee2fdc5679dc9c67bfa
654b91c942f577f5bf6247cd8205f1052bfa3cb5cbcdd1aad2731797f776f0ec
6620536e4cc4c5657f0d4e3ed3664ca9768dbbba345df366c536b4fa045b74ed
672696c6749ac10fa4aafff0e8a319f469244f4740eff57fe81fdbf43ce60a22
67e8d3017c2707cdb54c4240ad3c029b0ea40e73dddcfb87448e4783ff912e88
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c405255cb9c214bf87a7c2eb70ad1b7d403c310172ab189a1bfdf01d65e06de
6e921d71ae99a687ef4e9b85d43a2495cdcb2d76a934d890c6859f4dbd484267
6ef54283f20a073cabd9c3b9a9d3045064b444b01cbe4533d3c0d82e602530c7
6f380717495ffdb65f018c4ad7f158f5c8305dc64c81d44064ada96dc00fa36d
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74745fb5aff2295732ca39abff9a5fbbe0d164569cae0ce4bc83a03c81091bb2
762f5ea99556197c9c06177486cd5896c5c8c63895443104cc330582e55e1d70
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77ef4957a04533686a17de88e557ef77c46dddf18565eb7bbc820040e6070324
78512513fc22684ffb14efa1d150dad7416207241c73fb7c087a01bc7b883dcc
78cf05d2f2213696f116bfd8f73837d54c7541fe75e5676301955bf7727203c1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d249bab4461fa4adc1fab32de3371bf64689f83b9d77929279fc7e4af7d929
7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba
7bb614be4ecbb3056cdccbcc0dba57a7b2733f0230bb792673bea807bf4a2aa9
7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e7e72eecf6a4fb2981627eb8d15b947d394398db4e67c7ca7705749cdb2f832
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
85bdcc2d09902654f8a90043ac9c77e00251d8d30ae75d6510a8605279e8fdaf
8665f38aba5434dd4a7ee1e8acac6962d78872b27adcba32b9e8db0cc67a6f56
866d450018a5401c779a2555b6e9e84f046307c5089e3b534c0b15e6f529559d
88804a94352c48bb0089cd83df3dbe05927a9035b9b52f82c02b589bff28d6d7
8949c816697c8c83c9667d3a01af9f89043a9bd20777109a172e080ea0064b5a
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d46618ce901aeccf7c90efc4bffd370de33a79ae3d40156421dd0c3cf7b1216
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8341b0fbea8e228ac2aedab6bf7d280291915f96dfb053d4b7b2de9fb99543
90d491d92c4a9033fc8ceefdae8fed17b53bdbf1804512c3e37132e47dedb664
92e38baa7532f1a40d226d5e83fe7e08e24252814be7bb3dbb82453357968235
942d2f1d42ecb80ad20154c4c880839281b4e1f621854a3db03ea6ac304285a6
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
993e50674c3527ac48de4e9acf4473be966bd6b9d9ebd3d2132be1b008a1d789
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9ad0d8bf9e4659eb773ec937a69b25c1e8869b17c43acd258f01e268f0194088
9c979e3ea6339718acfa9346691a7a62a648c62536ed9e8711838f391ea52c63
9dc47f10d71a5569c1f10825613dd354f8d3cfbb10b9b03cda275a117266ce27
9ef7649410c6da9430a5066979a841d38aca11282554cee26dfe241f7c60c329
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a46e573f9b9eb47cce21784e56cdee70b9fcb97081c541a82f7936c06f657053
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7836d6b7b8bb6c4aebe9f2257aa1aab59cc3defae83b972e38a1c184411fb99
a830e6228641b7ef520d2fef6fb5a1d4fe1090d43131db4dbef7b64f06c7fe4f
a85a58d36c44d04f90fc2e7a75a41d8a1a2763a4c4aec1ebe162513dfd636447
abef7835e2dd6a272c1fe6feb28a51958015663cb0bd7f5e7514406bd6aab48a
ae7fb1bb6d8475842893c8968f796bbd629985c99e389072f6282bd0d9f1b1ff
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
b7898458696bdb895e0db289f7b7111479b20a7eab179944fcb8d01d84676744
b95e88aa3ddbfb9eafedac06f01025f12d4751a63841e18a5a1bbacae651f899
bbecdd91a8861a363a882af5c4168f09767b0a7cb231d0b4879c04c781e2d64e
bdfd284557089f415bc6780fd59f6f957746ebd2f3de6b7aa668c401eb5a3063
be422e1151b16ac5eb1700627b2ba98777e5ffb4a2baaf7900a7def556adbc5f
be877def15f67044c8e58d5803e8086338417b76de467759875744ed36801516
bf6f47ed8780b687c5a130fb2a771626719f31ddf91027f4f713a335c7c3205f
bfde568ba652fa6211b4979a28d37c51f4683fdbcc824c4877b9746c3fb5974b
c10b60fcdd0cf01e0c3b31b106279fb623381d7c9323df04492cae90a2daf358
c26f65ae8d99105c7d75767a1c921b26f3c44063c8c9b95b38f03905807a3d14
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c4e095ddca4f6772748a538a12c0a04d6d9740e8fdbc33210369a98571e545a8
c6831eb5c769f149e2ec4e7e8f50e47d8d14566bd7404818090cd31f338614e2
c6adcc64ffd6ab1c2efda96c6cad38815b8d2589635ad62413c563e2a499ea6d
c6fbcdf143ad188d3483052081a4a9f824c9ae74b23e378bfa5e72cd2326ffda
c7cc2789fe1da3fce515f75fba2d685cf4eb0a139ab14b38472320f3f1683b2d
c9e8c02ba8c301b62c5a0d210e97461bfb5f6affe75b5d0199e473f005f8e204
cb41c284825696d4099e36876120b494700a2e97d2405ba44ef95802fdf3a790
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccbe493a50455c56ed40e6de3c82c2ce76394d4b0557a1bc095af1755739ac9d
cee9374fc13a18761fed55a496af0a43f214255c97bb43af3b06f5b44589d03c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d48249fc213d30c080d8dd9b444ee8c77a955003d4accac38d7a1042214dc7ea
d8af4bf535c5ac410e5ee27be93e9bc80ed58163355774bab8c4ad79e3365ed5
d8b54033e8f4ed71efa790157be2f4cf86e0821be274a806ba37df0534c2c9be
d8f9178e1ced3654cf7ae47b53c366f574f2ccdf4177189cc2bbf78117cb6db3
db22b37c49a446a4aa73ef0938ef6bbff3f77224aa8412606eebd73f78816547
ddba832ab48ccd9c9d4ca77deb6354263ff35993f311f295188dbef5420b38dc
dde48b6e4d8cdc35254b1220b155dd3d995c283c6db0a8c05e200d820ae776f1
dde7a5209b17fe2d40b7bfe38900ec8c46571e4e52132bf9d1ea90d40230890f
e1a98b3fd6a0743811a55ee366e11bc5522aa075c97a9b7df8598323f56fac51
e248efd3e174f94f68af6f92ef1f044ff94469ef3589ec80875b8f30706b9738
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d15af9bd67fe77ac0050ac96a9cc9e173c23fbe76a8a144e29566e57fdbb41
e76997709f36eff0c723a196f78c99cc6ea7a65fa85a9349a7445ddb15c7fedd
e958b53fee79349ceaa960ad44698eefd15533098a4f143fb1350345af1592a6
e96f82f5743dccc9d190dfbaa742d67fedf079e975bd31f7908394674abac742
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
e9ce0f8639b3a7865040cfbc86ba05406bfcf1b3d0c7074ad1f459b3a54a99d2
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ea94775b0564f993f291c7b6a187429dfd6396c8e43c018a3eb8b129f9cf7f3a
ebb8dcbcd215c20a31a36d69f9a99816b06ba079bb0f3ed6b12e578b760466d0
ecd43325cc9334cd008f1f481269b67d84c6c270cf151d8f87f1d16c136f0ee3
ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
eda771665b379bb77c6a31f035763abedf802f3a449b2f93f56008a36f2925fc
ee259d670caa88402185e7a3c9291ed361be957afa60443456a350091172a424
eedaf8c52cef3a97a954e7339800d0b094f3973ae951c2394f6161f2da8282fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3e453b2851863814ac2bec9b17ff5b90ce01a69209f54ee0f6a1ea2104342b
efa234ba8fea30f028f728b42ba027da0baff915759c21129893c18e74de9a43
efbcbc42617c3c384b24f25a42e3166d8607750b5e62dd9e7357b86681c552b9
f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f4acfb00a263ea44064f4a07608cea0f0167df64cac3170b2a39e91f957a3691
f5e77afe741f9ccad4834e6bd36ecdc4bd9a529ff4f750c5c501aea7bcb279cc
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f6d8e1041fda3bd8df67117d160f5d0e57d2585b5e68ff3429baf04181722002
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7aa71deb502b7aeb6f262d8ac966b41d4acd63ba310579c8bde7801a6d85456
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
fa8431f7f37cd46c0f72fbb5cd0965c4eaa8657dbabfeb94e7e641d237c8feb4
fa8a70b96b7ad7a1d0d5eaab27dc82ac9e576fffc4aa08ffbeed20b289cdf0ed
fa8a91f02f5e195c95d96b708985462eb5f30a4d07deedcd17ccf133219f847d
fc40c0af1480a8f91604eb592ad0d8867f98cb59312b23d079df56eb384a4341
fe2e54fd445fa1a47662134cbf7d6c8129c86b7f9f005e877aa02e31d124cc5a

www.dailyfaceoff.com Open in urlscan Pro 2606:4700:20::ac43:4488 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

286 Requests

99 %HTTPS

42 %IPv6

46 Domains

80 Subdomains

67 IPs

7 Countries

8149 kBTransfer

15677 kBSize

6 Cookies

25 Outgoing links

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dailyfaceoff.com Open in urlscan Pro
2606:4700:20::ac43:4488 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

99 %
HTTPS

42 %
IPv6

46
Domains

80
Subdomains

67
IPs

7
Countries

8149 kB
Transfer

15677 kB
Size

6
Cookies

286 HTTP transactions
1 data transactions