urlscan.io logo urlscan.io
SecurityTrails logo

play32.predchamp.com Open in urlscan Pro
103.146.40.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://d1m.in/qtfz7k
Effective URL: https://play32.predchamp.com/intro
Submission: On June 15 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 60 HTTP transactions. The main IP is 103.146.40.71, located in India and belongs to CTRLS-AS-IN CtrlS Datacenters Ltd., IN. The main domain is play32.predchamp.com.
TLS certificate: Issued by R3 on April 5th 2021. Valid for: 3 months.
This is the only time play32.predchamp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 182.18.144.137 18229 (CTRLS-AS-...)
1 1 2a00:1450:400... 15169 (GOOGLE)
15 103.146.40.71 18229 (CTRLS-AS-...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
60 26
1    182.18.144.137 (Bengaluru, India)

ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN)
d1m.in
1    2a00:1450:4001:828::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
datalite.appspot.com
15    103.146.40.71 (India)

ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN)
play32.predchamp.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)
ipapi.co
4    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Domain Requested by
15 play32.predchamp.com play32.predchamp.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 pagead2.googlesyndication.com play32.predchamp.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
5 fonts.gstatic.com fonts.googleapis.com
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 fonts.googleapis.com play32.predchamp.com
googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 code.jquery.com play32.predchamp.com
2 www.googletagmanager.com play32.predchamp.com
www.googletagmanager.com
1 www.gstatic.com googleads.g.doubleclick.net
1 ipapi.co ajax.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com play32.predchamp.com
1 datalite.appspot.com 1 redirects
1 d1m.in 1 redirects
60 19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
*.predchamp.com
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-17 -
2021-07-17		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://play32.predchamp.com/intro
Frame ID: 7A83B56AB93C0DC5DADA71DA0315188D
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 1AF8F6BB90F6F846B13229DF6C302E07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&adk=1812271804&adf=3025194257&lmt=1623761634&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761633936&bpp=3&bdt=751&idt=60&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4563101071700&frm=20&pv=2&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
Frame ID: DB1EFB37F8FD64480CE77A711590D8A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Frame ID: 5990EEB3008CEF6DBD228F8AC832DE1F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4886B892256EA19D0844066DD1435B9B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: EF55372CDD30BBD9BB1456E1CF206799
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3DE23D35EB1E04B2FEFCC5065C606AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://d1m.in/qtfz7k HTTP 301
    https://datalite.appspot.com/pred_champ?id=qtfz7k HTTP 301
    https://play32.predchamp.com/intro Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

60
Requests

100 %
HTTPS

89 %
IPv6

15
Domains

19
Subdomains

26
IPs

4
Countries

958 kB
Transfer

2029 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d1m.in/qtfz7k HTTP 301
    https://datalite.appspot.com/pred_champ?id=qtfz7k HTTP 301
    https://play32.predchamp.com/intro Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set intro
play32.predchamp.com/
Redirect Chain
  • http://d1m.in/qtfz7k
  • https://datalite.appspot.com/pred_champ?id=qtfz7k
  • https://play32.predchamp.com/intro
18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
142a71e74ed9df39f4e6bdededccfbef5b223366d8629827a1ba97b53d07b2ac

Request headers

Host
play32.predchamp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Tue, 15 Jun 2021 12:53:52 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4; Path=/; HttpOnly
Content-Language
en-US
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Encoding
gzip

Redirect headers

content-type
text/html; charset=utf-8
x-powered-by
Express
access-control-allow-origin
*
surrogate-control
no-store
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://play32.predchamp.com/intro
vary
Accept
set-cookie
connect.sid=s%3AbWLXwP0i4paJy5gj5vnSTgxjXTGIpCUW.ayXooLzACqfeKRTXe%2F3YYXw1pmygKgd9jdoQlUUDcQ4; Path=/; Expires=Sat, 03 Aug 2211 23:33:52 GMT
x-cloud-trace-context
2fa1708f6610c86fd609d0b46f8d24fa
date
Tue, 15 Jun 2021 12:53:52 GMT
server
Google Frontend
content-length
124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bootstrap.min.css;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/css/bootstrap.min.css;jsessionid=92984BF980FC8F89134A0FED62870FD4
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 13:30:00 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
css2
fonts.googleapis.com/ 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a0b6df6a47c0c7d93f99dc375112a371bd7beb9b3171f6ed368e0a39c68ffd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 11:29:41 GMT
server
ESF
date
Tue, 15 Jun 2021 12:53:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 12:53:53 GMT
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a837f051ac8249ce2e1c0215298ef878bc3b3017bc2b8e5bdea1cd88e8e1e54c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 11:33:47 GMT
server
ESF
date
Tue, 15 Jun 2021 12:53:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 12:53:53 GMT
style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/css/ 		44 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3ba856fb805ffe599d0e760f04ba65ad99f6c7346a2f2bf738e11b34beb836aa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 13:30:00 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
responsive.css;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/css/responsive.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
03645183f567b2918aa0737c4576dea4b60bcc3bf07e0a7b7cbf02e7677540df

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 13:30:00 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56550cea9c95117681336af68eafe25c75c10f5dda70ecb350d86438a9c1001e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
server
cafe
etag
7086845543493924683
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Jun 2021 12:53:53 GMT
gaId.js
play32.predchamp.com/js/ 		32 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/js/gaId.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ecdf5c02c250bbf54e0b2508f6ad063bb1206a0d32787b029abed25543386f81

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 08:57:26 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
js
www.googletagmanager.com/gtag/ 		77 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b11ba860dc8000cad173d2fa86c6890d6aff9a1f1f58e710e46533911d899db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31324
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Jun 2021 12:53:53 GMT
jquery-1.10.1.min.js
code.jquery.com/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.10.1.min.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:53 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
W/"54499a47-16b88"
vary
Accept-Encoding
x-hw
1623761633.dop201.fr8.t,1623761633.cds272.fr8.hc,1623761633.cds279.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32828
small-coins-icon.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/images/ 		678 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/small-coins-icon.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0595e4d1da17b3765d817039e6454aa3d268df44c4afa4aa57a1d9a4f4b3e039

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Last-Modified
Wed, 12 May 2021 13:30:03 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
678
coins.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/coins.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0f6a865ea03213967c4dd250db49ab3cef0d508c9df2fa7f858201d185141608

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:54 GMT
Last-Modified
Wed, 12 May 2021 13:30:08 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
7295
logo.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/logo.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d013ce30c7a443fb202710627924c03b11b888af5b22da7b54757b157ef8490b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:54 GMT
Last-Modified
Wed, 12 May 2021 13:30:02 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
4842
facebook-icon-fb.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/facebook-icon-fb.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
51f066d52c7514204e144157d12f1df272ad411aa2bac26037e779162f34ca30

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:54 GMT
Last-Modified
Wed, 12 May 2021 13:30:17 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
8726
insta-icon-fb.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
play32.predchamp.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/insta-icon-fb.png;jsessionid=92984BF980FC8F89134A0FED62870FD4
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
691c53fdcede2793d1584ea8e82c7791140c9c58252a60fa0912e9378ce49c1e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:54 GMT
Last-Modified
Wed, 12 May 2021 13:30:15 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
9799
3.5.1-jquery.min.js
play32.predchamp.com/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/js/3.5.1-jquery.min.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9a26af51a9ca422e9c1ef7fc3d9ecdb0ff25bf78ee888fa48b31c885363d34fa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 13:29:58 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
jquery-3.5.1.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:53 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-11abc"
vary
Accept-Encoding
x-hw
1623761633.dop201.fr8.t,1623761633.cds272.fr8.hc,1623761633.cds240.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24606
bootstrap.min.js
play32.predchamp.com/js/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/js/bootstrap.min.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 13:29:57 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
custom.js
play32.predchamp.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play32.predchamp.com/js/custom.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
98eea4f2d4d6607a75811e31f8ae2f096b4f5a8859c8127b55d76b91ecf2d419

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://play32.predchamp.com/intro
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/intro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 May 2021 13:29:57 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ 		81 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/intro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 02:13:24 GMT
x-content-type-options
nosniff
age
38429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83095
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 02:13:24 GMT
webappbdg.jpg
play32.predchamp.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/webappbdg.jpg
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cac418965ef4f855b9f1cb79af6ce213523b59a97daa8174e60fb8208a987664

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:54 GMT
Last-Modified
Wed, 12 May 2021 13:30:05 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/jpeg;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
15982
two-question-screen-bg.png
play32.predchamp.com/images/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play32.predchamp.com/images/two-question-screen-bg.png
Requested by
Host: play32.predchamp.com
URL: https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.71 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
571b2f419920ffe33d8408900fbdeacee76058501ad8062578a6ba78ca6a6485

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
play32.predchamp.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
Cookie
JSESSIONID=PG5160~92984BF980FC8F89134A0FED62870FD4
Connection
keep-alive
Referer
https://play32.predchamp.com/css/style.css;jsessionid=92984BF980FC8F89134A0FED62870FD4?version=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 12:53:54 GMT
Last-Modified
Wed, 12 May 2021 13:30:06 GMT
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
228327
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play32.predchamp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:37:01 GMT
x-content-type-options
nosniff
age
285412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:37:01 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play32.predchamp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 06:09:44 GMT
x-content-type-options
nosniff
age
283449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:09:44 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play32.predchamp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 13:39:53 GMT
x-content-type-options
nosniff
age
256440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:39:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87427
x-xss-protection
0
server
cafe
etag
18285230650351733317
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 15 Jun 2021 12:53:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 1AF8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210607/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://play32.predchamp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://play32.predchamp.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 15 Jun 2021 08:20:10 GMT
expires
Tue, 29 Jun 2021 08:20:10 GMT
content-type
text/html; charset=UTF-8
etag
3869991350818612685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4515
x-xss-protection
0
age
16423
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-194132155-9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
893c47d40ee9dcece90f402c3b251d6822c812acb798334603041adf67131efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36164
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Jun 2021 12:53:53 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=play32.predchamp.com&callback=_gfp_s_&client=ca-pub-8137430087055934
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
43f98660239bd6ed11b178b7bb8c6124c498a5783052c6c4498feef2e403c772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=play32.predchamp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 12:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=play32.predchamp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 12:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DB1E 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&adk=1812271804&adf=3025194257&lmt=1623761634&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761633936&bpp=3&bdt=751&idt=60&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4563101071700&frm=20&pv=2&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8137430087055934&output=html&adk=1812271804&adf=3025194257&lmt=1623761634&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761633936&bpp=3&bdt=751&idt=60&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4563101071700&frm=20&pv=2&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://play32.predchamp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://play32.predchamp.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 12:53:54 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 15-Jun-2021 13:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 12:53:54 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410781212720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28237
x-xss-protection
0
expires
Tue, 15 Jun 2021 12:53:54 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-194132155-9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1754
date
Tue, 15 Jun 2021 12:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 15 Jun 2021 14:24:40 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1793320716&t=pageview&_s=1&dl=https%3A%2F%2Fplay32.predchamp.com%2Fintro&ul=en-us&de=UTF-8&dt=PredChamp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1969968275&gjid=1689516688&cid=211627902.1623761634&tid=UA-194132155-9&_gid=1435150377.1623761634&_r=1&gtm=2ou690&z=1981813556
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 12:53:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://play32.predchamp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=play32.predchamp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 12:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=play32.predchamp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 12:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5990 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c00c4a1bea0f9ef6929b0bec56a04f9c2d211bd3a36e0f704f75bfe946be4f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://play32.predchamp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://play32.predchamp.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 15 Jun 2021 12:53:55 GMT
server
cafe
content-length
15135
x-xss-protection
0
set-cookie
IDE=AHWqTUmzSQj8kB4yiz8C0obH2IcOj8lwq3AxzQp0g8eClnB324iKMxN_LKC2_JTO4ak; expires=Sun, 10-Jul-2022 12:53:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 12:53:55 GMT
cache-control
private
/
ipapi.co/json/ 		116 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/json/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40eb6d50cee55cd98e628b786109035413fef21587791221d06070e99e9e25b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:54 GMT
vary
Host, Origin
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET, OPTIONS, OPTIONS, HEAD, POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8oawhFu96kfICxaYagpV421pf8YgXOwYlO7qzxozpsKrLM1tDdErQUgAGIBBl%2FvSO7AlZccABRhS%2Bw0jx1fbEegYQLrMw5Bl%2FhhiFO%2BIc4pfTLd8K7bR865M%2FipYMYei%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://play32.predchamp.com
cf-ray
65fbf1a6d83f634d-FRA
content-length
116
cf-request-id
0ab1555c440000634d7ca04000000001
css
fonts.googleapis.com/ Frame 5990 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 11:29:08 GMT
server
ESF
date
Tue, 15 Jun 2021 12:53:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 12:53:55 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 5990 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 12:49:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 5990 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 12:53:21 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 5990 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 12:49:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5990 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 12:53:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 5990 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:50:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 12:50:43 GMT
l
www.google.com/ads/measurement/ Frame 5990 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRstsYLw_XWWQx4clqwLDrKg0F2jjokI-9S3Mhnlq0Ed8HUSXekogN7WuYXjTlao_lGzR3T
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ef1eb58ff665bb7a112fcf12029c3c9f.js
www.gstatic.com/mysidia/ Frame 5990 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 15:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10553
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 05:15:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 12 Sep 2021 15:18:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5990 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7pmf4qLIYPSnFsmW1fAP_tuj6Aucmtf5Yo65qJblDbKU_KfWJRABIImd_V9glYq4gsgHoAGytLeaA8gBAakCijNJuvdWtD6oAwGqBMkBT9By0bZ0M9Fg9hwERTS-e_8jvU9Yr6ONGE2OnYBrZ9VwsNSs7XgNwCdLTFCv99SQss655rGdsM1UeiIABovG0x6RxLL9xiQ1xtCuVduiuPETEAo_aLMF_dXdLGZFoMwCo9DV6zNnHcsfI52uYtWOIWOKTwgmCPed6KVWT5l3-R7L2DzA6S8ahZ8CwwUyNIEmPCvcNFE0w86VUBaWg2MFRPiJHY-zXXPv7ekufOU6W4XWibj5XLBU74y5o6Yzj-Pe1AbYwY7qAl9XwASCh_rwyAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHgoOavQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwYQ1KfOgQHSCAkIgOGAcBABGB-ACgHICwHYEw2IFALQFQGAFwGyFxoKGAgAEhRwdWItODEzNzQzMDA4NzA1NTkzNA&sigh=OjrgXLzBMlc&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 15 Jun 2021 12:53:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/15596915802681287009/ Frame 5990 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15596915802681287009/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c3be774b30dd0c68dc2e3c3c9023ee43508c42e94a7b4e3db9d143007932466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 14:03:41 GMT
x-content-type-options
nosniff
age
255014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1492
x-xss-protection
0
last-modified
Fri, 21 May 2021 13:32:13 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 14:03:41 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4886 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmzSQj8kB4yiz8C0obH2IcOj8lwq3AxzQp0g8eClnB324iKMxN_LKC2_JTO4ak
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 15 Jun 2021 12:51:12 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5990 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
232e3dcdb6116ce6c69b72bbab014140de504852fc9a5b66d382f3cf8abdf338

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5990 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 07:40:44 GMT
x-content-type-options
nosniff
age
277991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:40:44 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5990 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:48:28 GMT
x-content-type-options
nosniff
age
266727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 10:48:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cc4c3f5ecef1d2d25972d283fab574c5217149410b30e18daabf3828c76624f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 12:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7946
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4886
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8137430087055934&output=html&h=280&slotname=4287821455&adk=3573065865&adf=910924710&pi=t.ma~as.4287821455&w=350&fwrn=4&fwrnh=100&lmt=1623761634&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fplay32.predchamp.com%2Fintro&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623761634333&bpp=3&bdt=1148&idt=3&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da902cdf5a8001b62-22c2c1825ec80021%3AT%3D1623761634%3ART%3D1623761634%3AS%3DALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg&prev_fmts=0x0&nras=1&correlator=4563101071700&frm=20&pv=1&ga_vid=211627902.1623761634&ga_sid=1623761634&ga_hid=1793320716&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C44740386%2C44743203&oid=3&pvsid=3731120829261480&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Hrr0QaxWjp&p=https%3A//play32.predchamp.com&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmzSQj8kB4yiz8C0obH2IcOj8lwq3AxzQp0g8eClnB324iKMxN_LKC2_JTO4ak
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 12:53:55 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 15-Jun-2021 13:53:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 12:53:55 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 12:53:55 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8137430087055934&plah=play32.predchamp.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 15 Jun 2021 12:53:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame EF55 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://play32.predchamp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://play32.predchamp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 15 Jun 2021 12:30:22 GMT
expires
Wed, 15 Jun 2022 12:30:22 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B3DE 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51cb15781c1d8a701a54d76f441acf635a38a4b67d80b622a9f41d840ac33393
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vAeg2vGvePaVJXKfhLWWaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://play32.predchamp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://play32.predchamp.com/

Response headers

expires
Tue, 15 Jun 2021 12:53:55 GMT
date
Tue, 15 Jun 2021 12:53:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vAeg2vGvePaVJXKfhLWWaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame EF55 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 09:07:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=3731120829261480&bg=!0NOl05fNAAY6sG-_OrA7ACkAdvg8WuEkpPhvw8dmqd2DJunhorfoYWbbIVQNBqsCSXuw_bsYwXKjngIAAABQUgAAAAxoAQcKAOO-UXzQ6pDkHm9vVZVE_u7XNgWpsHRqOOjPh7oXvoG7jVwlds_3e4wEZUAeoXQY706yC4_E1iRQW0Hz1Y-wldvlHIhm0dEIN6gPtru0mQ3v_Is4OGFAYsb5kXFB_CqSPuoKU4x2Eq6d1iUGVAKAixw8l9xgb5fP5hjowuQ8mIrPJbJnroMedMiDEMRh637VBK8I4pu1Fsby9XlOnwfK9_TeTTr2plrmECSqqDVbuJruqUmU770HTLpqkk9AC1PDlfnM8A4DumoCpiQjntlurg5zYrYu106aH8dmmKABjjrX9O1bvZkCefU2B4xWGq1-5amSJniG_fQIOCjVu0zepVm5jMNso1asLO8h3UaPBktB64QN3du-SOy9jZ4ThSvM_hZEyNptT155HEYeYdhW1gsOLlXGU1sEc8hsttiTXRlj02XxtaXJ-YwUa6QAd320Nk3PGZiP4WXD3GzF4pPuL1HcQZJRzVnsmhRJumlVUOuKpMp64elOvhUHQ3MBTDKzfs5Pls3Cv5utqxbgdI4k-H5SV7gRBMutgVbrSCphteBncgfWMb7J7-Bo3Xsx5ZBYPMXCGdI6TiIF1asxfDgXLol5G2ZzMJ_D_QyVE4khLQl1It14jva3BrokKvVHbX-Ge_gXaNbrY8WbBUSbm83QWSNnrJd8xotD48hEfWJcgDDmSjOXXFR_otNXfWVlHkLQyyIQZ_fu7q706zNo8vIGQI3185A3ViOXie5NAqLt3_tKDy6rkIcX0XEPrytjVUXsFdU59eCJ7pso4pdmclE6qhR27Nmqwuth2WMyp_MqrEyek5oGNVdKs22weYeauZUg4_uzpEI46CCSRlef1TTDEs3lRU4uOxRD5BQRfIRUR8a_THU6Z0-zGGspwnQTYcRg8qIiSdS_AgCwdf7yWZZhus-hgqPf5gGXXE5alqGsIe8vF9vDc9gZ_XX-MqHjYuAQ38JELgkuTKIEBYjD7HMYJgIikVKpR4sJIyru19puTjxVUragvA08nb3TrS9aukCnG1sOA5bntRKVdgEQWBgSZMORR7mM4r7BmsxiF5J3NqnbIu4NGu469BT2u4C0GrBe-NxguM72gvXQqf6QSFrRG7hkVdxefs6r-0JHExSwyw7v6RaXrVyU27bTNYH9_p3FDw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play32.predchamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 12:53:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5990 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNqhw8pmVOI_x6th-0Hh9Dr-wq2NEuXOr-quHH09VsltHG-Q4yh7DdgzBgvfOn1NbjYjOoQNPiFhw8emIXKgZyJfxjaS-JjxF1zsXWM0pDdMLDNYgZjcRhGNKggQ&sai=AMfl-YQOdTWnhME3Ra-byqgBD5stKxXZlIikGOTIDUbqJm5gJoUpx2_aWzvzVaaNU4xMmNnLsHX2Rv240hhmZ9vD0K7RlhwT5yNSsB_ZdOP2xcIcu46ItsScRXpgTjlV&sig=Cg0ArKJSzAijVTbf-w_dEAE&cid=CAASPeRosbd7gxkj3oPUHm6hAwRmwLqfiJ9QkHOyt1gMten8ic8TruEr8d3HQHGuqQN2oQ9bIXROEWrPGvSLu-8&id=lidar2&mcvt=1000&p=0,625,280,975&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3573065865&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623761634346&dlt=1317&rpt=3&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 12:53:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| gaId function| $ function| jQuery function| gtag object| dataLayer string| subdomain function| goBack object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| gaplugins object| gaData object| bootstrap function| start function| clickOption function| showStats string| ques1 number| google_lpabyc object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmzSQj8kB4yiz8C0obH2IcOj8lwq3AxzQp0g8eClnB324iKMxN_LKC2_JTO4ak
.predchamp.com/ Name: __gads
Value: ID=a902cdf5a8001b62-22c2c1825ec80021:T=1623761634:RT=1623761634:S=ALNI_MbndDTn1Z6Htie5OVFzK1LlfM0fPg
.predchamp.com/ Name: _gid
Value: GA1.2.1435150377.1623761634
.predchamp.com/ Name: _gat_gtag_UA_194132155_9
Value: 1
.predchamp.com/ Name: _ga
Value: GA1.2.211627902.1623761634
play32.predchamp.com/ Name: JSESSIONID
Value: PG5160~92984BF980FC8F89134A0FED62870FD4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
code.jquery.com
d1m.in
datalite.appspot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipapi.co
pagead2.googlesyndication.com
partner.googleadservices.com
play32.predchamp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
103.146.40.71
182.18.144.137
2001:4de0:ac18::1:a:3a
216.58.212.130
2606:4700:20::681a:92c
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2014
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
03645183f567b2918aa0737c4576dea4b60bcc3bf07e0a7b7cbf02e7677540df
0595e4d1da17b3765d817039e6454aa3d268df44c4afa4aa57a1d9a4f4b3e039
0a0b6df6a47c0c7d93f99dc375112a371bd7beb9b3171f6ed368e0a39c68ffd4
0b11ba860dc8000cad173d2fa86c6890d6aff9a1f1f58e710e46533911d899db
0f6a865ea03213967c4dd250db49ab3cef0d508c9df2fa7f858201d185141608
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
142a71e74ed9df39f4e6bdededccfbef5b223366d8629827a1ba97b53d07b2ac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
232e3dcdb6116ce6c69b72bbab014140de504852fc9a5b66d382f3cf8abdf338
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3ba856fb805ffe599d0e760f04ba65ad99f6c7346a2f2bf738e11b34beb836aa
3cc4c3f5ecef1d2d25972d283fab574c5217149410b30e18daabf3828c76624f
43f98660239bd6ed11b178b7bb8c6124c498a5783052c6c4498feef2e403c772
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
51cb15781c1d8a701a54d76f441acf635a38a4b67d80b622a9f41d840ac33393
51f066d52c7514204e144157d12f1df272ad411aa2bac26037e779162f34ca30
56550cea9c95117681336af68eafe25c75c10f5dda70ecb350d86438a9c1001e
571b2f419920ffe33d8408900fbdeacee76058501ad8062578a6ba78ca6a6485
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
691c53fdcede2793d1584ea8e82c7791140c9c58252a60fa0912e9378ce49c1e
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
893c47d40ee9dcece90f402c3b251d6822c812acb798334603041adf67131efe
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
98eea4f2d4d6607a75811e31f8ae2f096b4f5a8859c8127b55d76b91ecf2d419
9a26af51a9ca422e9c1ef7fc3d9ecdb0ff25bf78ee888fa48b31c885363d34fa
9c3be774b30dd0c68dc2e3c3c9023ee43508c42e94a7b4e3db9d143007932466
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a837f051ac8249ce2e1c0215298ef878bc3b3017bc2b8e5bdea1cd88e8e1e54c
c00c4a1bea0f9ef6929b0bec56a04f9c2d211bd3a36e0f704f75bfe946be4f9f
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c40eb6d50cee55cd98e628b786109035413fef21587791221d06070e99e9e25b
cac418965ef4f855b9f1cb79af6ce213523b59a97daa8174e60fb8208a987664
d013ce30c7a443fb202710627924c03b11b888af5b22da7b54757b157ef8490b
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ecdf5c02c250bbf54e0b2508f6ad063bb1206a0d32787b029abed25543386f81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194