championintheireyes.us.to Open in urlscan Pro
5.161.119.46  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response championintheireyes.us.to/	3 KB 4 KB	230ms 30ms	Document text/html	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash cb0b2ec91e2de4b95a946047484b352edab23051eab6f68d9e963a9558f32ad0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 cache-control public, max-age=0 content-length 3490 content-type text/html; charset=UTF-8 date Fri, 19 Apr 2024 07:44:19 GMT etag W/"da2-18ef3a69d65" last-modified Thu, 18 Apr 2024 23:59:26 GMT server Caddy x-powered-by Express
GET H2	200	css2 fonts.googleapis.com/	8 KB 2 KB	112ms 48ms	Stylesheet text/css	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000&family=Jacquarda+Bastarda+9&family=Manrope:wght@200..800&family=Quicksand:wght@300..700&display=swap Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f5b5fdf7a2b082b598f0cbdf3e739b7cf0555cffa7e35ecea0e3e6850d7294ee Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 19 Apr 2024 07:44:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 19 Apr 2024 07:44:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 19 Apr 2024 07:44:19 GMT
GET H2	200	style.css championintheireyes.us.to/data/css/	4 KB 4 KB	32ms 30ms	Stylesheet text/css	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/css/style.css Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 6db9ba19921bbb2899b75c880754c46bb5b81033f54e0d0bd4cadf445d265d7d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Fri, 19 Apr 2024 02:22:46 GMT server Caddy etag W/"f59-18ef429d81c" x-powered-by Express content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 3929
GET H2	200	root.css championintheireyes.us.to/data/css/	78 B 148 B	87ms 86ms	Stylesheet text/css	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/css/root.css Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash b85718ede6afdd662f4b0658f08451542ea623ae00de1c2634932dcd851080f1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Wed, 17 Apr 2024 23:51:14 GMT server Caddy etag W/"4e-18eee78c080" x-powered-by Express content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 78
GET		font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/	0 0
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	187ms 128ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1499389693327166 Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash 92d8c69b40431f362b722c45d0304ff6c689e4b333ca47624483370ac69e23bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Origin https://championintheireyes.us.to Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50796 x-xss-protection 0 server cafe etag 17192080118545368573 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Fri, 19 Apr 2024 07:44:19 GMT
GET H2	200	loading.gif championintheireyes.us.to/data/images/	90 KB 90 KB	87ms 86ms	Image image/gif	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://championintheireyes.us.to/data/images/loading.gif Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 176167b29588561cef2920b05212147b5739b618145560663aa1597bac86e8a1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Mon, 15 Apr 2024 21:22:22 GMT server Caddy etag W/"166f1-18ee3a3bca8" x-powered-by Express content-type image/gif cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 91889
GET H2	200	uv.bundle.js Show response championintheireyes.us.to/uv/	745 KB 746 KB	31ms 30ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/uv/uv.bundle.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 84c1ac2690f85de7ad853b438e6da286a2f3cece4266fa25d1ec78892707df29 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Sun, 14 Apr 2024 21:34:25 GMT server Caddy etag W/"ba4b3-18ede88697d" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 763059
GET H2	200	uv.config.js Show response championintheireyes.us.to/uv/	284 B 333 B	74ms 70ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/uv/uv.config.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 5c5bee951b854c5bca27d176c9b0b6032d023471ad538516e0b3183834647e20 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Sun, 14 Apr 2024 21:34:25 GMT server Caddy etag W/"11c-18ede88697d" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 284
GET H2	200	index.js Show response championintheireyes.us.to/data/js/	738 B 810 B	74ms 70ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/js/index.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 6890bc16e595d3eda91cfa23132a3fec7698da8fdee02c7219b563fbfd1244c0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Tue, 16 Apr 2024 18:21:17 GMT server Caddy etag W/"2e2-18ee8245073" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 738
GET H2	200	loading.js Show response championintheireyes.us.to/data/js/	125 B 172 B	74ms 71ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/js/loading.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash b44ad9bffb1f66f75894c398969afff8f63e942760120ccb5f2b995463d4f8b2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Mon, 15 Apr 2024 21:22:22 GMT server Caddy etag W/"7d-18ee3a3bca8" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 125
GET H2	200	color.js Show response championintheireyes.us.to/data/js/	2 KB 2 KB	74ms 71ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/js/color.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash b9643f64a1f97c2cc44e94ab62d74dcf05297675d8b03569f333f8cfc5dc87d5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Tue, 16 Apr 2024 18:21:17 GMT server Caddy etag W/"6e2-18ee8245073" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 1762
GET H2	200	custom-friconix.js Show response championintheireyes.us.to/data/js/	51 B 98 B	75ms 72ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/js/custom-friconix.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash e2c0f8c8a102890b5a3e8516274b1b56292bc50eca7f6e06e89fe93cd09caa5d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Tue, 16 Apr 2024 18:21:17 GMT server Caddy etag W/"33-18ee8245073" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 51
GET H2	200	moveis.js Show response championintheireyes.us.to/data/js/	1 KB 1 KB	75ms 72ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/js/moveis.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 7122e7e1b3b6015d610d86b4e0cef34be4e26ea0a5d5318c1e1a9ec41d447ec7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Thu, 18 Apr 2024 01:40:11 GMT server Caddy etag W/"42c-18eeedc7fb8" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 1068
GET H2	200	friconix.js Show response championintheireyes.us.to/data/js/	41 KB 41 KB	74ms 72ms	Script application/javascript	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/data/js/friconix.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 2f6fcc8bfb0e740fdffa31cad9a5a6fce8f796033e3f8813089b89d28076bb86 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT last-modified Wed, 17 Apr 2024 01:20:01 GMT server Caddy etag W/"a37d-18ee9a3ad03" x-powered-by Express content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 41853
GET H2	200	671b9764c1.js Show response kit.fontawesome.com/	12 KB 5 KB	133ms 81ms	Script text/javascript	2606:4700:4400::ac40:93bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/671b9764c1.js Requested by Host: championintheireyes.us.to URL: https://championintheireyes.us.to/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2520b7abeb524ab470bd73c372c70881de780b98165815b0e5789e2815b0d960 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Origin https://championintheireyes.us.to Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 876b44cb3d744bd3-BUF access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F8eN1iX-qDHLJjohczei
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QN.woff2 fonts.gstatic.com/s/quicksand/v31/	27 KB 28 KB	99ms 28ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000&family=Jacquarda+Bastarda+9&family=Manrope:wght@200..800&family=Quicksand:wght@300..700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://championintheireyes.us.to Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 17 Apr 2024 09:13:13 GMT x-content-type-options nosniff age 167466 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28064 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:22:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 17 Apr 2025 09:13:13 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404150101/	412 KB 140 KB	176ms 128ms	Script text/javascript	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404150101/show_ads_impl_fy2021.js?bust=31082799 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1499389693327166 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash 069153d4ed2c4e10987d1f9819e10683f4d76a3595b99df41da707c765540691 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 142820 x-xss-protection 0 server cafe etag 14587308864487805536 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 19 Apr 2024 07:44:19 GMT
GET H3	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.5.2/css/	101 KB 24 KB	126ms 106ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=671b9764c1 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/671b9764c1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT via 1.1 bea4558970610539f54262ef0474c94c.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop YTO50-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 02 Apr 2024 15:26:25 GMT server cloudflare etag W/"7f29cd8c97789aa298af8c61623ca28b" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELAadntprVmWwKsLYWcwdw5%2BdQPn6yZR3FAKOiTxku29BxIL3qJhKt56BMTr0HR%2BSSKHXncsu%2FBkdqOo3Eb5Zedm5nydAO6kya69IbvM%2FMJh0J5GsRX7ch7lYZR6mrjg8A%2B0iuxZIw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 876b44cced274bcc-BUF access-control-allow-headers fa-kit-token x-amz-cf-id oEUC38eWwrm-gUwhgX68BXZUYqSl94LxzhtcKh1ShgoZXdbyJZJA0g==
GET H3	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.5.2/css/	27 KB 5 KB	68ms 48ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=671b9764c1 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/671b9764c1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT via 1.1 7ca36b6bf02ca67a6dcfb5a418d25d5e.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop YTO50-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 02 Apr 2024 15:26:25 GMT server cloudflare etag W/"940b066040a876fa1dc7b2ee2d222a58" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgNRgk0X5F%2FdPOQ6NeGeeAuqQ8X%2FLPf4eNKLiCni4%2Fr9SsZUULkfifFCzNBQbRA7KvynkFMWyadISBvLYxiqGJBheEPRbxtz%2BssydM%2BPO%2F%2FxHsIu%2BPjAgaEQHOxzDWY5x0XRdOkusw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 876b44cced264bcc-BUF access-control-allow-headers fa-kit-token x-amz-cf-id zT0sJkKz-QhJ5ZuUZgfEnOD_wciOceLEmIuUiDqm9WrLX3Z8INQH7A==
GET H3	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.5.2/css/	823 B 1013 B	66ms 46ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=671b9764c1 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/671b9764c1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT via 1.1 85aed5644f0ba77f3b2719065d365fdc.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop YTO50-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 02 Apr 2024 15:26:25 GMT server cloudflare etag W/"a3d53e21a02e37af6cbc00ac63b3cc1e" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WIAf0GTOlyMBqn65ZIrOjlcPsVORvqMNNFYRDl5bjp54acBVwcn8%2FZTIQQn2nYfFnLfR15o8Y0QpP2m8TcIx7Cd0mdoac4%2FYF57eWKyNeh4ctCF8LA0Pyb5NvyGDLzmbOMNiHv50Q%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 876b44cced234bcc-BUF access-control-allow-headers fa-kit-token x-amz-cf-id AgezINKdwugefRuP5Z5tNXkqHSMKnrlnsW0aPeInBBNdT0hzEDzpdg==
GET H3	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.5.2/css/	2 KB 1 KB	121ms 101ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=671b9764c1 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/671b9764c1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT via 1.1 ede5c8e7b29cc9290d2f384042d78428.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop YTO50-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 02 Apr 2024 15:26:25 GMT server cloudflare etag W/"9c9f596493867f0e7ef5f9fe99103fce" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kiudhXMumjDZd4H700WQULyHiCBa9%2BI4IJs35pl5rOd2xarWYoWA9XI8TQErqSP3Z7pbyVJAWBTWZXmMusx4dWYiBT1HnsM19EzlQpNt3PAMGBDdW10V4gqYALM9wbATT%2FqsspO6A%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 876b44cced244bcc-BUF access-control-allow-headers fa-kit-token x-amz-cf-id BZGMAoT99pXgoDQEGRis7ag5NthpOQ-NdfVq1FuHGBJXdGFIi1UIEQ==
GET H3	403	ads googleads.g.doubleclick.net/pagead/ Frame DB39	0 0	121ms 56ms	Document text/html	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1499389693327166&output=html&adk=1812271804&adf=3025194257&lmt=1713484766&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fchampionintheireyes.us.to%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713512659870&bpp=3&bdt=234&idt=529&shv=r20240417&mjsv=m202404150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5795643573605&frm=20&pv=2&ga_vid=1176592577.1713512660&ga_sid=1713512660&ga_hid=2012070109&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795922%2C95328464%2C31082799%2C95320378&oid=2&pvsid=4172471169913877&tmod=1544641147&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=547 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404150101/show_ads_impl_fy2021.js?bust=31082799 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://championintheireyes.us.to/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Apr 2024 07:44:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	104ms 104ms	XHR application/json	142.250.65.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240417&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404150101/show_ads_impl_fy2021.js?bust=31082799 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f2.1e100.net Software cafe / Resource Hash 75f091723be34e70d020af78bc8f2a6bf60c637996ba25c98cc9f5af48a5d97a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12251 x-xss-protection 0
GET H3	404	favicon.ico championintheireyes.us.to/	517 B 659 B	31ms 30ms	Other text/html	5.161.119.46 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL https://championintheireyes.us.to/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 5.161.119.46 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.46.119.161.5.clients.your-server.de Software Caddy / Express Resource Hash 9673c4d78bdb994d90f5fba6dd4f7be6963da66875a51c52184098ac810f8a55 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT last-modified Tue, 16 Apr 2024 18:26:18 GMT server Caddy etag W/"205-18ee828e55e" x-powered-by Express content-type text/html; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 517
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	123ms 48ms	Script text/javascript	2607:f8b0:4006:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404150101/show_ads_impl_fy2021.js?bust=31082799 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://championintheireyes.us.to/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 07:44:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Apr 2024 07:44:20 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame D449	0 0	84ms 27ms	Document text/html	2607:f8b0:4006:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://championintheireyes.us.to/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 97253 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 18 Apr 2024 04:43:27 GMT expires Fri, 18 Apr 2025 04:43:27 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame 97D1	0 0	138ms 58ms	Document text/html	142.250.65.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-uaLZEFXePNaTNMm1SaFgqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://championintheireyes.us.to/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-uaLZEFXePNaTNMm1SaFgqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 19 Apr 2024 07:44:20 GMT expires Fri, 19 Apr 2024 07:44:20 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdnjs.cloudflare.com

URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/font-awesome.min.css

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240417&jk=4172471169913877&bg=!vL-lv_DNAAZ55ZTXWeU7ADQBe5WfOLzGZzgevT9V1dLPNAoUtexDkDsNcEe_4rrtBsYnozm_Oklb0Sd2mlOALwJmaLz3AgAAADdSAAAAA2gBB34ANdvE5cR1DofoidLBjteeHpcZLfW7giKK4jFABlcQ98p4oLmCdzZkrmXEPSnJvd5ckO9WYN-xmQLZw04zyxsJ2vsmIoT9lt-mjoZTD6WE2q6h0zYkM6DDlmgz3uk_fgXta2V2iasQGrAnuN0mlEjGS7nUopXPpwvnds5XCBI-vPwzzfTzGMZdYg3I8UbUR0CWtW2RZEUuVOwYoookK84V3k4ZB2QoPDa6VSLNOnwuswgm3VsY-aiZrlY00AgVkVoMv4272q6ugElYjqGI256v2TNScw-HCAd8LZPBsx3-tJQQKqTefZrQZYBwJiwYQUaGt7vWskD49wgrygGkk5I3Zq_uNJvlUocj5lneLhHORsZAK7UtS9gyM2oapIweGEBwJmQD_UEtNvY3Ad78DyvQ7zpXmLlNCVW1OpkGc1umzDl0vGWUJjTedmOti2nfasEh68N2C_-pIXgbYJtcaudyzmkyxtlGGxhDiFICnK6xgH5EusYS177UFIaX2J7KqbnaOxrBuPSXgGuZ6Wem-23vdFfV9hWoP8Sr_r6mr3gjIalNlB44peeFZc_g8N8SNO0b9Q9RJP-hceogbL5j0LnFlYSQPPiyqHYvQ3s5f7qWV0GicRPCR_fvR1yvggTg0xSoOmdUxGUR-cL1EWM8kwQH2cbB6hTHZ8R9tVO9jXddhD8NssWl-SaHjMv2owj6GxSHX-XSiLDAkKHSNpKHN0sp72UIS1VOprWeSTYjvRZuNQj4ZfKn-_i6Nu78Qhq4bXRII4f_3PHQ_lV2p1VyqlJwfozudYEr_NVeozFQ0koFouz3gqnR9CNR5kfPO3kAX0HbQ4Qn1Wr7VhwjHJuT687UoTn18pTg2IMKLUpYg7YFmapza9uY4Q_Qv1xEFROObQ516FfkZllI3_YuRBVD-ts4SV_ROgzu1KXebN55FU6SIInpn3sorzzUTbeEOvtJOKsCbOLUTDZLovrolQyBaKJVh_zl7_lOjCpJ2Yewm2ye2w1_Fpbl8yITnglf_4WWQs5w_5P82N35WB8yME7ABsaRkN24

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| UVClient function| Ultraviolet object| __uv$config function| isUrl function| loadColorFromLocalStorage function| changeColor function| goto function| startDragging function| dragCounter function| stopDragging object| FontAwesomeKitConfig object| paths object| shapes function| fnStartInit function| friconix_update function| friconix_createSVG function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| icon string| path object| fiClassList string| fiClass object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 19:58:33	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://championintheireyes.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://championintheireyes.us.to/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
championintheireyes.us.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
cdnjs.cloudflare.com
pagead2.googlesyndication.com
142.250.65.162
142.250.65.164
142.251.40.98
172.67.139.119
2606:4700:4400::ac40:93bc
2607:f8b0:4006:809::2003
2607:f8b0:4006:80f::2001
2607:f8b0:4006:817::200a
5.161.119.46
069153d4ed2c4e10987d1f9819e10683f4d76a3595b99df41da707c765540691
176167b29588561cef2920b05212147b5739b618145560663aa1597bac86e8a1
2520b7abeb524ab470bd73c372c70881de780b98165815b0e5789e2815b0d960
2f6fcc8bfb0e740fdffa31cad9a5a6fce8f796033e3f8813089b89d28076bb86
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5c5bee951b854c5bca27d176c9b0b6032d023471ad538516e0b3183834647e20
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6890bc16e595d3eda91cfa23132a3fec7698da8fdee02c7219b563fbfd1244c0
6db9ba19921bbb2899b75c880754c46bb5b81033f54e0d0bd4cadf445d265d7d
7122e7e1b3b6015d610d86b4e0cef34be4e26ea0a5d5318c1e1a9ec41d447ec7
75f091723be34e70d020af78bc8f2a6bf60c637996ba25c98cc9f5af48a5d97a
84c1ac2690f85de7ad853b438e6da286a2f3cece4266fa25d1ec78892707df29
92d8c69b40431f362b722c45d0304ff6c689e4b333ca47624483370ac69e23bf
9673c4d78bdb994d90f5fba6dd4f7be6963da66875a51c52184098ac810f8a55
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
b44ad9bffb1f66f75894c398969afff8f63e942760120ccb5f2b995463d4f8b2
b85718ede6afdd662f4b0658f08451542ea623ae00de1c2634932dcd851080f1
b9643f64a1f97c2cc44e94ab62d74dcf05297675d8b03569f333f8cfc5dc87d5
cb0b2ec91e2de4b95a946047484b352edab23051eab6f68d9e963a9558f32ad0
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e2c0f8c8a102890b5a3e8516274b1b56292bc50eca7f6e06e89fe93cd09caa5d
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
f5b5fdf7a2b082b598f0cbdf3e739b7cf0555cffa7e35ecea0e3e6850d7294ee