dmarket.com Open in urlscan Pro
45.223.25.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stateluxe.com/?ko_click_id=ko_d8daxii6q41dooo63
Effective URL:
https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Submission: On June 21 via manual (June 21st 2024, 10:01:40 pm UTC) from RO — Scanned from DE

Summary HTTP 66 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 18 domains to perform 66 HTTP transactions. The main IP is 45.223.25.16, located in United States and belongs to INCAPSULA, US. The main domain is dmarket.com. The Cisco Umbrella rank of the primary domain is 860017.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 24th 2023. Valid for: a year.

This is the only time dmarket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.178.208.187 185.178.208.187	57724 (DDOS-GUARD) (DDOS-GUARD)
23	45.223.25.16 45.223.25.16	19551 (INCAPSULA) (INCAPSULA)
9	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:828::201b	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7709	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	96.16.88.8 96.16.88.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
4	23.219.78.145 23.219.78.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:440... 2606:4700:4400::6812:2ba8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:4eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
66	21

1 185.178.208.187 (Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

stateluxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.223.25.16 (United States)

ASN19551 (INCAPSULA, US)

dmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7709 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.88.8 (Madrid, Spain)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-16-88-8.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.219.78.145 (Seattle, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-78-145.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2ba8 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-06.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4eaf (United States)

ASN13335 (CLOUDFLARENET, US)

latte.dmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	dmarket.com dmarket.com — Cisco Umbrella Rank: 860017 latte.dmarket.com	573 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	58 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8749	4 KB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5540 api.livechatinc.com — Cisco Umbrella Rank: 5088 secure.livechatinc.com — Cisco Umbrella Rank: 6343	34 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	304 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	8 KB
2	braze.com sdk.iad-06.braze.com — Cisco Umbrella Rank: 3061	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	73 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260	61 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3382	57 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 storage.googleapis.com — Cisco Umbrella Rank: 434	97 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	251 B
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 4436	60 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	stateluxe.com 1 redirects stateluxe.com	256 B
66	18

	Domain	Requested by
23	dmarket.com	dmarket.com
9	cdnjs.cloudflare.com	dmarket.com cdnjs.cloudflare.com
5	mc.yandex.com	2 redirects dmarket.com mc.yandex.ru
3	latte.dmarket.com	storage.googleapis.com
3	api.livechatinc.com	cdn.livechatinc.com
3	www.googletagmanager.com	dmarket.com www.googletagmanager.com
2	www.facebook.com	dmarket.com
2	region1.analytics.google.com	www.googletagmanager.com
2	use.fontawesome.com	js.appboycdn.com use.fontawesome.com
2	sdk.iad-06.braze.com	js.appboycdn.com
2	connect.facebook.net	dmarket.com connect.facebook.net
2	mc.yandex.ru	1 redirects dmarket.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	www.google.de	dmarket.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	cdn.livechatinc.com	dmarket.com
1	js.appboycdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	storage.googleapis.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	dmarket.com
1	stateluxe.com	1 redirects
66	23

This site contains links to these domains. Also see Links.

Domain
api.dmarket.com
www.facebook.com
twitter.com
www.linkedin.com
telegram.me
apps.apple.com
play.google.com
blockchain.dmarket.com

Subject Issuer	Validity	Valid
*.dmarket.com Go Daddy Secure Certificate Authority - G2	`2023-10-24` - `2024-11-24`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
storage.googleapis.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
appboycdn.com E6	`2024-06-10` - `2024-09-08`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
iad-06.braze.com E5	`2024-06-09` - `2024-09-07`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
dmarket.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Frame ID: F655C424310D6A281BF252BDBF74DD61
Requests: 76 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 88FE15B94FADD17724E3C8E22A3A7785
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=9587240&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 36C3DC7E648AA8892E3475B1034813B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CS2 Mirage Callouts Explained | DMarket | Blog

Page URL History Show full URLs

https://stateluxe.com/?ko_click_id=ko_d8daxii6q41dooo63 HTTP 302
https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63 Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

95 %
HTTPS

62 %
IPv6

18
Domains

23
Subdomains

21
IPs

6
Countries

1372 kB
Transfer

3421 kB
Size

37
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://api.dmarket.com/marketplace-api/v1/sign-in/link/steam?ReturnURL=https://dmarket.com
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fdmarket.com%2fblog%2fcs2-mirage-callouts%2f

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3a%2f%2fdmarket.com%2fblog%2fcs2-mirage-callouts%2f&text=All%20Mirage%20Callouts%20in%20Counter-Strike%202

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3a%2f%2fdmarket.com%2fblog%2fcs2-mirage-callouts%2f&title=All%20Mirage%20Callouts%20in%20Counter-Strike%202&summary=Success%20in%20Counter-Strike%202%20is%20based%20on%20two%20main%20elements%3a%20personal%20skills%20and%20team%20actions.%20Both%20are%20important%2c%20and%20both%20support%20each%20other.%20You%20need%20to%20be%20agile%20with%20your%20movement%20and%20accurate%20with%20your%20shooting%20to%20be%20a%20reliable%20teammate.&source=DMarket%20%7c%20Blog

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3a%2f%2fdmarket.com%2fblog%2fcs2-mirage-callouts%2f&text=All%20Mirage%20Callouts%20in%20Counter-Strike%202

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/dmarket/id1441399013

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.dmarket.dmarketmobile

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dmarketcommunity/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/dmarket
Title: Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/eugene_bozhenko

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/eugene-bozhenko

Search URL Search Domain Scan URL

URL: https://blockchain.dmarket.com/main
Title: Blockchain Explorer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stateluxe.com/?ko_click_id=ko_d8daxii6q41dooo63 HTTP 302
https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10407.IakC88kfIMu-SHgVO_i97Eeur326SVlg_OlP5y9k1-NdurEH74ATs6xhhXNZ9IBy.JY4ggHCZwOzCLR5nGRA-Ob5Tmck%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10407.jLfcvWaMg0x95ikx-4jYeXnaJ8WEXbkjoBOPfPtFWrweYuT27hS82C2NYtDnPKC6QPhvUM8U2Ss6BcaKcl0YIDTu2TkxHDsjNR7DAzs8qZ7r0ECs8ob4bKY7v9YPABzVpZT8FBvwaIaZS9jN1R366yatg8ONoqcowxsc4cUu7sx46D0WXcfq98Vvw9KHEYC8D8j2iRAHOpOC0m7UFtfxjePLUksZbiCYmqINlyaUFcE%2C.fjDEtHirs9Ej0BgXk7hg6EKFfug%2C

Request Chain 69

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%223.4.1%22%2C%22shareVersion%22%3A2%7D&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1ddf25rn73ebk2eteqr6jr5riz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A106023613098%3Ahid%3A400585651%3Az%3A120%3Ai%3A20240622000130%3Aet%3A1719007291%3Ac%3A1%3Arn%3A658712551%3Arqn%3A1%3Au%3A1719007291429817379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4591%3Ads%3A0%2C1358%2C255%2C87%2C1066%2C0%2C%2C1542%2C1%2C%2C%2C%2C5903%3Aco%3A0%3Acpf%3A1%3Ans%3A1719007283549%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719007292%3At%3ACS2%20Mirage%20Callouts%20Explained%20%7C%20DMarket%20%7C%20Blog&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(2134272)ti(1) HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%223.4.1%22%2C%22shareVersion%22%3A2%7D&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1ddf25rn73ebk2eteqr6jr5riz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A106023613098%3Ahid%3A400585651%3Az%3A120%3Ai%3A20240622000130%3Aet%3A1719007291%3Ac%3A1%3Arn%3A658712551%3Arqn%3A1%3Au%3A1719007291429817379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4591%3Ads%3A0%2C1358%2C255%2C87%2C1066%2C0%2C%2C1542%2C1%2C%2C%2C%2C5903%3Aco%3A0%3Acpf%3A1%3Ans%3A1719007283549%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719007292%3At%3ACS2%20Mirage%20Callouts%20Explained%20%7C%20DMarket%20%7C%20Blog&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%282134272%29ti%281%29

66 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dmarket.com/blog/cs2-mirage-callouts/
Redirect Chain

https://stateluxe.com/?ko_click_id=ko_d8daxii6q41dooo63
https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

115 KB
34 KB

1711ms
216ms

Document
text/html

45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84bc51d20601e8fb30246fa48951b7dbf881e0482919c526d050249e4d99cfe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
cache-control: public,max-age=0
content-encoding: gzip
content-type: text/html
date: Fri, 21 Jun 2024 22:01:26 GMT
etag: "07d5f5904657af033e1e73a4c7c9ed9c"
last-modified: Fri, 21 Jun 2024 13:33:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-generation: 1718976792070473
x-goog-hash: crc32c=ODBrew== md5=B9X1kEZXrwM+HnOkx8ntnA==
x-goog-meta-goog-reserved-file-mtime: 1718976109
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 117424
x-guploader-uploadid: ACJd0Nrv-leKXOgI0LrcvoSV2yPyL7nxKWik5lBNWq8Dyiqx9x_4r0Vw6dibe3kCZCkykUzRpIn8YDZ2uw
x-iinfo: 9-9981077-9900577 pNYy RT(1719007284084 1452) q(0 0 0 0) r(1 1) U5

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 21 Jun 2024 22:01:24 GMT
location: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
server: ddos-guard

GET
H2 200 main.7096a4ca49ee885910304dfc96549e2f.css
dmarket.com/blog/scss/ 144 KB
33 KB 223ms
154ms Stylesheet
text/css 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://dmarket.com/blog/scss/main.7096a4ca49ee885910304dfc96549e2f.css

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

616cb7e902626052d494eb472257d50b00d623db87e2741705355172ecf30d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1718710785
age: 0
x-guploader-uploadid: ACJd0Nqt7VPpkUnVQGjb93ALgZrQTtg6s7927bJBSTm8-FhYZv49aRzhR920mZFsLxU_0aEGwLAhxRZ6nA
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNYy RT(1719007284084 2018) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 18 Jun 2024 11:57:31 GMT
etag: "7096a4ca49ee885910304dfc96549e2f"
x-goog-hash: crc32c=/gTCHg==, md5=cJakyknuiFkQME38llSeLw==
x-goog-generation: 1718711851228076
content-type: text/css
cache-control: public,max-age=0
x-goog-stored-content-length: 147089
accept-ranges: bytes

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
979 B 1009ms
324ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 111000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0EZV2I7CFABL7t9f18IfPV07S%2FiVWvxMGWZcUomW81UZu%2B1A5Bvksm0xj8CiyzYuas1uaTpqMfx1cLMz32Gewo%2Fdr2B1J8Z8ez7B7JNucgWTUcVj6N85VWGAFJXXGuqIuqVRGV8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746faed47912e-FRA
expires: Wed, 11 Jun 2025 22:01:27 GMT

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
1 KB 846ms
165ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 709810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJ2oKNl%2F03k4NRcvpoylDUH5mBhua9U8NiuAFKDfXIg%2FUlwbH0mJce%2Fby9q9TmSX1WmQ3aXanjF9JRoOwlaPMDmNmwdhmVLD%2BUncszfax37OcsOtgybHZKAOwbW0fP%2BrF5eiHH%2BE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746faed41912e-FRA
expires: Wed, 11 Jun 2025 22:01:27 GMT

GET
H2 200 logo.svg
dmarket.com/blog/images/ 3 KB
2 KB 282ms
220ms Image
image/svg+xml 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/logo.svg

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d3e5c0a88549b7a0aaa2ff2f59c5465e1b8a89a7bf4688782dc1f7ff7e7a8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0NqqHWpzSVC87p6cSB7oZjUFrddQIjefmSB8n-bxeU2Ynq9hxnN_F9QDANXnWxhjnHuS0u8-m40FJw
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9869317 pNYy RT(1719007284084 2021) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "71914acfae403e919b106279b0e94173"
x-goog-hash: crc32c=x+zT8w==, md5=cZFKz65APpGbEGJ5sOlBcw==
x-goog-generation: 1694699921513459
content-type: image/svg+xml
cache-control: public,max-age=0
x-goog-stored-content-length: 3507
accept-ranges: bytes

GET
H2 200 logo-blog.svg
dmarket.com/blog/images/ 2 KB
1 KB 282ms
220ms Image
image/svg+xml 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/logo-blog.svg

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2be949997561c2c7046dc4567a0c2daec45d8291fd0b3665a6018508bf7682c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0NoQTtJ9p42xyJfdyqTN-JIfVhOkVa9NMcyVFSKyTrVowUvRwLOCmo4lI1lmL1HzdiEvLEg
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9954730 pNYy RT(1719007284084 2024) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "d73d2775264207868476d2f993b049f7"
x-goog-hash: crc32c=t5FGJQ==, md5=1z0ndSZCB4aEdtL5k7BJ9w==
x-goog-generation: 1694699921389627
content-type: image/svg+xml
cache-control: public,max-age=0
x-goog-stored-content-length: 1991
accept-ranges: bytes

GET
H2 200 searcgreen.png
dmarket.com/blog/images/ 538 B
797 B 221ms
110ms Image
image/png 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/searcgreen.png

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

844063189c5da8c94fbc13319e4e95b1598c4ab14f8be88ba653c82789bbb4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0Npim39-IsawanrZUE_dfTaOL1ovwshxW5HU2lzNvkztN-FdCTQBAzG-CVyUGci_WgLHLdIsuFunmw
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNNy RT(1719007284084 2342) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 538
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "a1c3b3af5bc092824c0728cdcf59bbed"
x-goog-generation: 1694699921731896
content-type: image/png
x-goog-hash: crc32c=3bUiGg==, md5=ocOzr1vAkoJMByjNz1m77Q==
cache-control: public,max-age=0
x-goog-stored-content-length: 538
accept-ranges: bytes

GET
H2 200 steam.svg
dmarket.com/blog/images/ 2 KB
1005 B 210ms
103ms Image
image/svg+xml 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/steam.svg

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f3675844d265cacedcc13a0c02a12b572488f1b144155112d1df31fa7ee0e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0NolQ-5pEN8DjuKP9pYF8HpimUQe6tTz26YnA033DfRL6t7yjcoG0-21O2TIPMdB1rJo6xrYBq-usQ
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9869317 pNYy RT(1719007284084 2347) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "c783c621d108ac7a8bffc639ae73d3b6"
x-goog-hash: crc32c=g7UbWQ==, md5=x4PGIdEIrHqL/8Y5rnPTtg==
x-goog-generation: 1694699921894677
content-type: image/svg+xml
cache-control: public,max-age=0
x-goog-stored-content-length: 1540
accept-ranges: bytes

GET
H2 200 fbhead.png
dmarket.com/blog/images/ 529 B
938 B 533ms
50ms Image
image/png 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/fbhead.png

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

70c6343a2721357b2051a3fa63a574053782a817f2813084d9e80f9e6c447179

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0NrbueI1omLnvwnnKQ4AGX3FeqzKIeXieicwicG5r68XhTg4uCGveUYA7VNnDMVHZrp5S8vRh33oRQ
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNNy RT(1719007284084 3436) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 529
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "104dd09a30ea0ed34f5d9e36ec907297"
x-goog-generation: 1694699921246807
content-type: image/png
x-goog-hash: crc32c=6ReWVw==, md5=EE3QmjDqDtNPXZ427JBylw==
cache-control: public,max-age=0
x-goog-stored-content-length: 529
accept-ranges: bytes

GET
H2 200 twitterhead.png
dmarket.com/blog/images/ 501 B
810 B 516ms
59ms Image
image/png 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/twitterhead.png

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9f26f68525664d1bf11b3269dc6461a708827fd3d28dc0bc2c44d016b9ddca6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0No7lm_pK9nk1aKXf_7uy4zlAf73Y7o6Qye1Nsfl5Q1dibBZ9O0wBOcJYtQcOSY08k6ivEZNqMEuhg
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9869317 pNNy RT(1719007284084 3439) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 501
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "1d660309070e38fb81229ed4a85f4691"
x-goog-generation: 1694699921936061
content-type: image/png
x-goog-hash: crc32c=Sj2TfA==, md5=HWYDCQcOOPuBIp7UqF9GkQ==
cache-control: public,max-age=0
x-goog-stored-content-length: 501
accept-ranges: bytes

GET
H2 200 linkdin.png
dmarket.com/blog/images/ 366 B
619 B 512ms
56ms Image
image/png 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/linkdin.png

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1ebda874e1cffbda25a61733a74c0b2304c35aa922355cbf671739c492477bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0NqwEIziWEIb0E23A9PSFmcd_jv2czY6TjVnqnO2AufP6FNWMmW6AACiSFYu4TfT4UNxOtjFndUP5w
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9954730 pNNy RT(1719007284084 3441) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 366
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "82cd2b2322f1826783660037f2f2303b"
x-goog-generation: 1694699921345075
content-type: image/png
x-goog-hash: crc32c=NB/ogg==, md5=gs0rIyLxgmeDZgA38vIwOw==
cache-control: public,max-age=0
x-goog-stored-content-length: 366
accept-ranges: bytes

GET
H2 200 teleg.png
dmarket.com/blog/images/ 562 B
809 B 504ms
52ms Image
image/png 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/teleg.png

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c60606afe0ec36cb11517bb3ec6681e2f1ae6ef65c9d902fdeda3c866fcdb61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1694697104
age: 0
x-guploader-uploadid: ACJd0Nozg5Yoqk3Caip65mdlxy4v--_sKWTtGmsXQ57nABJ47Pnx-Z-DPBK2yck90KbOf0jqT30
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9981232 nNNY RT(1719007284084 3443) q(0 0 0 -1) r(0 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 562
last-modified: Thu, 14 Sep 2023 13:58:41 GMT
etag: "fd239f4f52d58e39b44902d2689a71b9"
x-goog-generation: 1694699921869265
content-type: image/png
x-goog-hash: crc32c=LfR+Aw==, md5=/SOfT1LVjjm0SQLSaJpxuQ==
cache-control: public,max-age=0
x-goog-stored-content-length: 562
accept-ranges: bytes

GET
H2 200 thumb_hu33b71ec6f03de7404d92bee634328a06_683085_1346x706_resize_q100_h2_lanczos.webp
dmarket.com/blog/cs2-mirage-callouts/ 190 KB
191 KB 515ms
64ms Image
image/webp 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/cs2-mirage-callouts/thumb_hu33b71ec6f03de7404d92bee634328a06_683085_1346x706_resize_q100_h2_lanczos.webp

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84b305fe64ade6ebce5670f9e488f6cfb7b2c64472e88bc54f987f55172b0c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1718705532
age: 0
x-guploader-uploadid: ACJd0NpNABgsyfwBiTOpW5XDhEXJEJpUOp0n0QtWpG-ojrQk8KVtBcBS7RH0YCovEdLOl4qQB3-lJcRzhg
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9981234 nNNY RT(1719007284084 3445) q(0 0 0 -1) r(0 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 194428
last-modified: Tue, 18 Jun 2024 10:21:58 GMT
etag: "6388dc2358ab6f970201a10b92b1d399"
x-goog-generation: 1718706118659114
content-type: image/webp
x-goog-hash: crc32c=Z4Yguw==, md5=Y4jcI1irb5cCAaELkrHTmQ==
cache-control: public,max-age=0
x-goog-stored-content-length: 194428
accept-ranges: bytes

GET
H2 200 Frame_109.jpg
dmarket.com/blog/cs2-mirage-callouts/ 12 KB
13 KB 561ms
113ms Image
image/jpeg 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/cs2-mirage-callouts/Frame_109.jpg

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

eecfae9b03b110853f3eb508c97ec9e1154f6f63339a5abb3e13806623dc2894

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1710435431
age: 0
x-guploader-uploadid: ACJd0NqgVTckTfRSwRVRXT89_P68RYoSyYLpvwLoB1H0Y5zXOnHZ1Z6XhKqQIDTQvV6SyQvO5ZY
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9981236 nNNN RT(1719007284084 3446) q(0 0 0 -1) r(0 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 12524
last-modified: Thu, 14 Mar 2024 17:09:33 GMT
etag: "e7429fd28bf2bbb99ad475231c2a75f5"
x-goog-generation: 1710436173656627
content-type: image/jpeg
x-goog-hash: crc32c=nBxNbw==, md5=50Kf0ovyu7ma1HUjHCp19Q==
cache-control: public,max-age=0
x-goog-stored-content-length: 12524
accept-ranges: bytes

GET
H2 200 Frame_108.jpg
dmarket.com/blog/cs2-mirage-callouts/ 12 KB
12 KB 651ms
263ms Image
image/jpeg 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/cs2-mirage-callouts/Frame_108.jpg

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7f6b867c5ff58c027e2c2195f821871c56003ee45dba537d49c31a84fbdad6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1710435431
age: 0
x-guploader-uploadid: ACJd0NpVt3x1zIN886YN9biDEO5BXarb1HwTIPk1FMkkOQUqLmJuzAi9rfdXSjVkebkZVl537tBUHivaXQ
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNNy RT(1719007284084 3447) q(0 1 1 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 11978
last-modified: Thu, 14 Mar 2024 17:09:33 GMT
etag: "f1ada699ff06e7959dde9fbbae2dc3c7"
x-goog-generation: 1710436173595713
content-type: image/jpeg
x-goog-hash: crc32c=BcRIZA==, md5=8a2mmf8G55Wd3p+7ri3Dxw==
cache-control: public,max-age=0
x-goog-stored-content-length: 11978
accept-ranges: bytes

GET
H2 200 csgo_i.png
dmarket.com/blog/images/banner/popup/ 20 KB
21 KB 724ms
339ms Image
image/png 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/banner/popup/csgo_i.png

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

32cceba0ac93306e0c271ba1d3b169783f55e6f6f09d5a59de2f817bc5e2b42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1657641352
age: 0
x-guploader-uploadid: ACJd0NojhoksG_fOGDXQOUaXvGOWkkmlHwwdzyT-8GkvohffON4XX1tdrfauoIqN-FqPwEsEZMf25MuUdg
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9981232 pNNy RT(1719007284084 3448) q(0 1 1 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20667
last-modified: Tue, 12 Jul 2022 15:59:20 GMT
etag: "4be242f07fab8a0620a23b7a9df9288d"
x-goog-generation: 1657641560848073
content-type: image/png
x-goog-hash: crc32c=tjbE7g==, md5=S+JC8H+rigYgojt6nfkojQ==
cache-control: public,max-age=0
x-goog-stored-content-length: 20667
accept-ranges: bytes

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 292ms
137ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 493879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R18rh5WsX9aaCKNZfUbEu9OhGCq5DY8hx0FbDAHb9TYScKvrjdk54Gz3BQ0ggoCDrXz81f1sN0hfOPQW5LRhWgn287osCIxgj1f6wvlIswJjzImyDbhbXHElJSNRhEPA0Iu%2Fzb0m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746faed46912e-FRA
expires: Wed, 11 Jun 2025 22:01:27 GMT

GET
H3 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 364ms
131ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 99867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BzqLMTn4i9Muz0ODBAuPjJ3POAbbnN5OPLGOYHIQgi3dcTTKxX8ijJP7DyAltXf4ycy3r%2B%2FUYx1DeiJxkxORYrsfzD7DYYdHYcAniVCykFkH2LE5ZbRuNHL4evqx2SuD30qCEYRs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746ff5a64912e-FRA
expires: Wed, 11 Jun 2025 22:01:28 GMT

GET
H2 200 bundle.5410bb210c904d16731383ab5a8a7b2e.js Show response
dmarket.com/blog/js/ 172 KB
42 KB 767ms
402ms Script
application/javascript 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://dmarket.com/blog/js/bundle.5410bb210c904d16731383ab5a8a7b2e.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

284f9b3ff3daedec3839b6e419b56045ed4fd1bc3b26220e6e90179db2a6bb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1718380064
age: 0
x-guploader-uploadid: ACJd0Nqzn-lYZVVvEnLaydl3FdZXy3MwnBDvWLgKNi-cjhh-kHnzCotQbT3PFu3uYkF46tS8ziO3Ziy5dw
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9954730 pNYy RT(1719007284084 3449) q(0 1 1 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 14 Jun 2024 16:01:05 GMT
etag: "5410bb210c904d16731383ab5a8a7b2e"
x-goog-hash: crc32c=0wEUQw==, md5=VBC7IQyQTRZzE4OrWop7Lg==
x-goog-generation: 1718380865597984
content-type: application/javascript
cache-control: public,max-age=0
x-goog-stored-content-length: 175639
accept-ranges: bytes

GET
H3 200 fuse.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuse.js/3.2.0/ 10 KB
4 KB 460ms
243ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuse.js/3.2.0/fuse.min.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081fc6fb1c377a9efe765925031708bc5db460c7c5b45fbbc5bb5ab9048c8bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1900985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3517
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-29b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NND3TMeV8rih9Wq2zq5SoJtXO2y3QWw8pFs60q9RMkahYRKdTf2Bz02accFptA3xI8IJ3eXQXYpsszdhsJT2gxspdMVjTxJ5HrYXDCJq501L0t%2BjpKibQYHNiLTSsEJ018%2FJO5jI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746ff5a68912e-FRA
expires: Wed, 11 Jun 2025 22:01:28 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 455ms
238ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 153816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6546
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ui1pEvtwsQRNSq2t8alYIdPxwbIQXayXKAisEyQ0SVRdi2%2BDcuDV0sSUReigqVcKPljEEUnwrLYfUgiieeGbBvGyQcbmRoHr0JpbZc%2FwfoW103wnzXgHcaN21CHRcLUWg%2FVviju"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746ff5a69912e-FRA
expires: Wed, 11 Jun 2025 22:01:28 GMT

GET
H3 200 magnific-popup.min.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 5 KB
2 KB 326ms
171ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 109857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1283
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-148b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suFxeW%2F4POA3r%2BYlvdMlSSeS5DhTK2jPlHUpfJX3Oe%2BupRtfZxIZihZn9XKzdtGvB8d2udBze4TGZnYDloUimkYOOLI%2FAZROXpuPpduLJKSVgqppA2BQLX2F3zGdu%2BjGcqc%2FlCA%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897746faed44912e-FRA
expires: Wed, 11 Jun 2025 22:01:27 GMT

GET
H2 200 _Incapsula_Resource Show response
dmarket.com/ 144 KB
20 KB 313ms
0ms Script
application/javascript 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://dmarket.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1074779805

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15ca840585339a5956358273cff078adc455b19b941bb3c528780a7a22b44006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20773
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 650ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600&display=swap

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/scss/main.7096a4ca49ee885910304dfc96549e2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea7c4a438cef51330307f7c15aa17efdc2797e843cb9bde47559a5eda41c34fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 22:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:38:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 22:01:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 449 KB
110 KB 735ms
0ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N82G7WC

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

733c19b6f4c5622be5fe011d8c5db5d562b07e0d3679800661d2e7cfa2f886fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112315
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:06:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 22:01:28 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 563ms
0ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://dmarket.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:27:45 GMT
x-content-type-options: nosniff
age: 282823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:27:45 GMT

GET
H2 200 banner_top2_hu44cdcf1dd9f2e971527bb53ada128d65_97378_1232x54_resize_q100_h2_lanczos_3.webp
dmarket.com/blog/img/banners/ 34 KB
34 KB 624ms
341ms Image
image/webp 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/img/banners/banner_top2_hu44cdcf1dd9f2e971527bb53ada128d65_97378_1232x54_resize_q100_h2_lanczos_3.webp

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

da29dd02a5410c37e68c17a3594e21715730f88497c00a14c32466002fa4e723

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1695977771
age: 0
x-guploader-uploadid: ACJd0Nrz3L3JyAgkVDULZ96GtJvgzwBO7wv1DOFvST0HsqsNEYHJRg7F2YZI5DUiJYQQpu_Jj6onxIcQag
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9869317 pNNy RT(1719007284084 3476) q(0 1 1 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 34334
last-modified: Fri, 29 Sep 2023 09:09:35 GMT
etag: "2ebaed920ba00c1aff4c5c8ffa886653"
x-goog-generation: 1695978575462650
content-type: image/webp
x-goog-hash: crc32c=tb4UgQ==, md5=LrrtkgugDBr/TFyP+ohmUw==
cache-control: public,max-age=0
x-goog-stored-content-length: 34334
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d36751aba95ce54d132a22fd5e50f98c64e162205d0b099aeb1c1e1a5d97bbf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c5172c4c4f897ae12a6caabe28af382d93b1f85fde6232aeb87cb19466a1ad5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66f96b81737da5bf9d893ae303f0da199a0926e847870c571f21d66b6afbe804

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0d67f32a72dab05d181d88528eb240972f2fa26e6aebffb5f601b72d005e190

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f53237e9196e2d93a7d69d2f987cc0062d5f942bf1e30b971b10f86e9d1317f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcf1ead7be1e66c2ec225bfc32e77a9e6a975a639d76576c2df6a60ad58e3921

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a410cd2eeef3ea099e67119f0089ff2df9a219cda52f0d22bbbfce7d43d1b8cd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27467594aaf626b65a26abb1a64f958dde485e4dda091ced7a800e6bb2bbcfcc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 294 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acb2a2dc2a57af1adca74a7eb82ace501aed6a8ecd85505c388f096c2dae93ba

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 672 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea1bfc65f4dfdbeb6be77d0d99b050bc6f6bdf8c605b015f58be20df6f66646

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a95e36cb6957faabd08c47fc4fe9e35016816b239684bd96b9218d7acd605efd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 432 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33a8ad396310e8321e358bed4d2a75f09ba2c78197996cb8b6aeeebaaf573dac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cc4cb4a9d7ca6f2ef5998cc2aa395b09d431f9682dacc9e5f03492417c0c78d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94a5428bd56c1e6dceda180800aade6edc3684d3e8784e3a75142425722673a0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 img_hue43aca0ad8029efed700474419ec68c0_52451_50x50_resize_q100_h2_lanczos_3.webp
dmarket.com/blog/author/eugene-bozhenko/ 3 KB
3 KB 547ms
227ms Image
image/webp 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/author/eugene-bozhenko/img_hue43aca0ad8029efed700474419ec68c0_52451_50x50_resize_q100_h2_lanczos_3.webp

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5bbe66f92e64ea0f6e8e87f24a6ee30b21b668bcae412865c7400f9a22d03b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1697635910
age: 0
x-guploader-uploadid: ACJd0Nqukyh9LXLP0ZgPQoDKpvRx5B3F7VVaOh0_rq2GoU53zyQIUDCwA85Hh2MRca47vVNFOHyVSozwnA
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9981234 pNNy RT(1719007284084 3607) q(0 0 0 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 2668
last-modified: Wed, 18 Oct 2023 13:41:02 GMT
etag: "1abd68de5be1def7481d26c5e6160d57"
x-goog-generation: 1697636462647481
content-type: image/webp
x-goog-hash: crc32c=vO8egw==, md5=Gr1o3lvh3vdIHSbF5hYNVw==
cache-control: public,max-age=0
x-goog-stored-content-length: 2668
accept-ranges: bytes

GET
H2 200 CSGO_huca4cef95285f926a8405e7d4627fb74c_142847_205x510_resize_q100_h2_lanczos.webp
dmarket.com/blog/img/banners/ 42 KB
43 KB 557ms
238ms Image
image/webp 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/img/banners/CSGO_huca4cef95285f926a8405e7d4627fb74c_142847_205x510_resize_q100_h2_lanczos.webp

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ed138c9c52e40e17c25415204f946ec8a32a825d4f238c78d9eed93e20e2b80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1695977773
age: 0
x-guploader-uploadid: ACJd0NqdSzqerOLM3anWZA3OzHT3SZvfY7CImZZqJuqQFeKabpww-K0BgnsmmPFkxfoVuH5SyW-OssMr5g
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9981236 pNNN RT(1719007284084 3611) q(0 0 0 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 42972
last-modified: Fri, 29 Sep 2023 09:09:35 GMT
etag: "004e6e3ba8fb967636f25b2a602fcf91"
x-goog-generation: 1695978575291572
content-type: image/webp
x-goog-hash: crc32c=ZF9pAg==, md5=AE5uO6j7lnY28lsqYC/PkQ==
cache-control: public,max-age=0
x-goog-stored-content-length: 42972
accept-ranges: bytes

GET
H2 200 mirage-map-callouts_huf56efdc1a204a57f8eae2437d6359cbc_570456_675x0_resize_q100_h2_lanczos.webp
dmarket.com/blog/cs2-mirage-callouts/ 86 KB
86 KB 594ms
276ms Image
image/webp 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/cs2-mirage-callouts/mirage-map-callouts_huf56efdc1a204a57f8eae2437d6359cbc_570456_675x0_resize_q100_h2_lanczos.webp

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0ce30d8db289f2e7faf728d488d3eb4bd39dc0cd1faa0113dc05204e77c7d95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1718976107
age: 0
x-guploader-uploadid: ACJd0NrMDus-wglorwPjGBjWg8g6iTEjXo91gBxAiiyRz7Z-Rb5VfO0ikXc4YDOB97PZwZJu0XDo0u_fEw
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNNy RT(1719007284084 3615) q(0 1 1 -1) r(2 2) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 87630
last-modified: Fri, 21 Jun 2024 13:33:12 GMT
etag: "22a5e068a0dbf545da8a0fbf96471d4e"
x-goog-generation: 1718976792141528
content-type: image/webp
x-goog-hash: crc32c=UGkLyQ==, md5=IqXgaKDb9UXaig+/lkcdTg==
cache-control: public,max-age=0
x-goog-stored-content-length: 87630
accept-ranges: bytes

GET
H2 200 _Incapsula_Resource
dmarket.com/ 1 B
93 B 89ms
35ms Image
text/plain 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4767246284447837

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 156 KB
56 KB 508ms
154ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/js/bundle.5410bb210c904d16731383ab5a8a7b2e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e6fa93b3219955fb46c0f4362e0ee2bd2efa9824af9573a27517e076586269ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Jun 2024 09:09:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "666ffd34-dcde"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56542
expires: Fri, 21 Jun 2024 23:01:29 GMT

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 4 KB
4 KB 78ms
69ms Image
image/gif 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 509848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3208
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJSK2XkWDbGHmGrtqUsD4x2lWN2mMBUhzQd1bR%2BwSvPi6eHLWMu64lbGO0mRNQJwS05FaSfDwQT2VXP98VjEE%2FqmJehcZkZ5XgtifW2dWbvyRmA%2FTDPaAmHd2cde7VrFfuzQUxsO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 897747067a11912e-FRA
expires: Wed, 11 Jun 2025 22:01:29 GMT

GET
H2 200 arrow.svg
dmarket.com/blog/images/slick/ 711 B
896 B 215ms
105ms Image
image/svg+xml 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmarket.com/blog/images/slick/arrow.svg

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/scss/main.7096a4ca49ee885910304dfc96549e2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

44b5d30df813f5ca0d6e4a203cf226be4fffb9b10cf50d8421d4d5f592d538da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/scss/main.7096a4ca49ee885910304dfc96549e2f.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1674137770
age: 0
x-guploader-uploadid: ACJd0NqqTh8cakdU7xmwDm9wpuanLQgvXrtF0d9fP45ge0jzvnRuFeFD68iycnBjdx_HZqBe-mK1MFTY9g
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNYy RT(1719007284084 4620) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 19 Jan 2023 15:13:46 GMT
etag: "6b0e3e6d3300aaea6125ab138840477c"
x-goog-hash: crc32c=M7GScA==, md5=aw4+bTMAquphJasTiEBHfA==
x-goog-generation: 1674141226592606
content-type: image/svg+xml
cache-control: public,max-age=0
x-goog-stored-content-length: 711
accept-ranges: bytes

GET
H3 200 slick.woff
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/fonts/ 1 KB
2 KB 255ms
181ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/fonts/slick.woff

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Origin: https://dmarket.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 708769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1285
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56JBdCBpiaOFjf2LSG2W3FQyyctszuzmGmLZ6WH7ZfOfdhXgI%2BYhTNa1w0%2FqX7EGwtlob4nq5KKFJMG0vb0zCf70rXv1yM%2B9YwITwPBdSt0jTCIBIn27NOzT0MSkFxdpcTHB2ycB"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89774707df03910d-FRA
expires: Wed, 11 Jun 2025 22:01:29 GMT

GET
H2 200 hg.js Show response
storage.googleapis.com/mycl-hansel-gretel/ 96 KB
96 KB 440ms
0ms Script
text/javascript 2a00:1450:4001:828::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/mycl-hansel-gretel/hg.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82G7WC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:35:28 GMT
age: 1562
x-guploader-uploadid: ACJd0NqdGxvyf9U_qsAjQ-vTaK9H8xkHk3WxpHXwgskOgsUZzXO2fjBSzayf-juv6UuMR-TYTAbz1KZhlw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97852
last-modified: Tue, 08 Nov 2022 23:13:41 GMT
server: UploadServer
etag: "69c0026af7f2b8f2eed23f2f5fc5c68f"
x-goog-generation: 1667949221585553
x-goog-hash: crc32c=JO/WUg==, md5=acACavfyuPLu0j8vX8XGjw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 97852
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:35:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
108 KB 306ms
295ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NER4WDJQ1H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82G7WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc2680461ec95547d14f64dd260a9798723c57b844cd2ada775f6527a27757b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 22:01:30 GMT

GET
H2 200 hotjar-1276013.js Show response
static.hotjar.com/c/ 17 KB
6 KB 398ms
33ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1276013.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82G7WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

4e884310798b4cff7ec54a0d17246f0cd975c090666faa44308399a7c9c8aab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 22:01:24 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/63161ced32a77ab81c80beaa40ead81b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Eo-cDEi3HvxgQa5IJBtkVDPRk7AC52p-TGJsdnDDrTkQde2RkGlnVw==

GET
H2 200 braze.no-amd.min.js Show response
js.appboycdn.com/web-sdk/5.1/ 206 KB
60 KB 417ms
47ms Script
application/javascript 2606:4700::6810:7709
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/5.1/braze.no-amd.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82G7WC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7923066db2b7a7ac042897644f2e927bb43cc45450c2d3bca92b0561b85480f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 19:38:30 GMT
server: cloudflare
x-amz-request-id: 93T6PCHGT2VQSFE8
age: 3287
etag: W/"ff7213646bef27b0e35c9768789db7cb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8977470c7fb39b76-FRA
x-amz-id-2: fJEAjZOGUpOAQclUeRu1xwKNaLFLW1+OcOju8GrRQUby8xsfCsvQ5WPlttmODjDW4nX0OhDB5VA=
expires: Sat, 22 Jun 2024 02:01:30 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 90 KB
27 KB 362ms
58ms Script
application/javascript 96.16.88.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.88.8 Madrid, Spain, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-16-88-8.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a92ffe05385c4d65343693065f7a6d7dbb554bc741c9550d8634aa23ef5f610a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Mw1YqUgK6H2AwYwDtxsidkb55nQv0dY0
content-encoding: br
date: Fri, 21 Jun 2024 22:01:30 GMT
x-amz-cf-pop: MAD53-P1
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 27697
last-modified: Thu, 20 Jun 2024 11:04:13 GMT
server: AmazonS3
etag: W/"42364c6d7d99fddb1d95f01aec597029"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: wp1-4nepx1nz65XC-pP8wXtsW0ybDhGaDbJFH9S6O9x4y88K3l2efA==
expires: Sat, 22 Jun 2024 06:01:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 266ms
27ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 22:01:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: tcEXb0mHnoyj0gz/Mi2Xw/5sWS2Rc2IBf/9hMAsFqpfQghqOODaDg9Keb2K94MizOC/T6DFsZeLXsBfXefGqug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 242 KB
85 KB 92ms
59ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-792105951&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82G7WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1546943074d35564cded94afa1ef934f262add5703fd8924694fcc50c81f0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87245
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 21:06:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 22:01:30 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10407.IakC88kfIMu-SHgVO_i97Eeur326SVlg_OlP5y9k1-NdurEH74ATs6xhhXNZ9IBy.JY4ggHCZwOzCLR5nGRA-Ob5Tmck%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10407.jLfcvWaMg0x95ikx-4jYeXnaJ8WEXbkjoBOPfPtFWrweYuT27hS82C2NYtDnPKC6QPhvUM8U2Ss6BcaKcl0YIDTu2TkxHDsjNR7DAzs8qZ7r0ECs8ob4bKY7v9YPABzVpZT8FBvwaI...

43 B
674 B

127ms
100ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10407.jLfcvWaMg0x95ikx-4jYeXnaJ8WEXbkjoBOPfPtFWrweYuT27hS82C2NYtDnPKC6QPhvUM8U2Ss6BcaKcl0YIDTu2TkxHDsjNR7DAzs8qZ7r0ECs8ob4bKY7v9YPABzVpZT8FBvwaIaZS9jN1R366yatg8ONoqcowxsc4cUu7sx46D0WXcfq98Vvw9KHEYC8D8j2iRAHOpOC0m7UFtfxjePLUksZbiCYmqINlyaUFcE%2C.fjDEtHirs9Ej0BgXk7hg6EKFfug%2C

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 21 Jun 2024 22:01:31 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10407.jLfcvWaMg0x95ikx-4jYeXnaJ8WEXbkjoBOPfPtFWrweYuT27hS82C2NYtDnPKC6QPhvUM8U2Ss6BcaKcl0YIDTu2TkxHDsjNR7DAzs8qZ7r0ECs8ob4bKY7v9YPABzVpZT8FBvwaIaZS9jN1R366yatg8ONoqcowxsc4cUu7sx46D0WXcfq98Vvw9KHEYC8D8j2iRAHOpOC0m7UFtfxjePLUksZbiCYmqINlyaUFcE%2C.fjDEtHirs9Ej0BgXk7hg6EKFfug%2C
date: Fri, 21 Jun 2024 22:01:31 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 modules.ef112488b1de7ff5f962.js Show response
script.hotjar.com/ 223 KB
56 KB 191ms
33ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ef112488b1de7ff5f962.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1276013.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 110425
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56326
last-modified: Thu, 20 Jun 2024 15:20:30 GMT
etag: "4bf3c968ca73f7170da42a1ae7ed463c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FYWh2uXRxV3K1N7b1XHlR27Ju6ADR0MvJme-wS5erKNlQeY1TXxASg==

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 396 B
608 B 891ms
247ms Script
application/javascript 23.219.78.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9587240&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&channel_type=code&implementation_type=potentially_gtm&jsonp=__1wg5rt04qf7

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.219.78.145 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-219-78-145.deploy.static.akamaitechnologies.com

Software

Resource Hash

4db8dcdf0b4b1aabda60f8580f35a4a2fdbf238a5c3dc918611f9aae291fe6b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://dmarket.com/;
X-Frame-Options	allow-from https://dmarket.com/

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors https://dmarket.com/;
date: Fri, 21 Jun 2024 22:01:31 GMT
cross-origin-resource-policy: cross-origin
content-length: 396
vary: Accept-Encoding
x-frame-options: allow-from https://dmarket.com/
content-type: application/javascript; charset=UTF-8

GET
H2 200 1082864428575406 Show response
connect.facebook.net/signals/config/ 70 KB
14 KB 51ms
49ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1082864428575406?v=2.9.158&r=stable&domain=dmarket.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e797df10752383d33d6efa69c1ca4f25e7e2db0644e7218a29f7c8a0a984975

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 22:01:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14266
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=58, mss=1297, tbw=63558, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: mkT4eidJEPUbQe2XTTuO9oDItRNaKoQ3m5r1a+49gDbJZ2dppDLvZJ6XUc3V7vIZXhe6zc1onX2J5DF+kL/7cA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
592 B 82ms
82ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Jun 2024 09:09:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "666ffd34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 21 Jun 2024 23:01:31 GMT

OPTIONS
H2 200 /
sdk.iad-06.braze.com/api/v3/data/ Frame 0
0 455ms
246ms Preflight 2606:4700:4400::6812:2ba8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ba8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://dmarket.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 897747130d292c4d-FRA
content-encoding: gzip
date: Fri, 21 Jun 2024 22:01:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
868 B 175ms
54ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/5.1/braze.no-amd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:57:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3006
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wSfVIa5LoclWhF9A4zOLlyAIGGpNxk3Pc7ABEDpq7aBERsMNXQlD6iKFH3D%2FHZsvdpXJtTXPIiGPhlHKEqU92hCE7n6SG1ZfFTZ8JAQlnj%2BRcfX61LVYTaUthOYjUxy7uudMtdeLE776HSo00m8ugbK5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 897747122c5c4d89-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 201 / Show response
sdk.iad-06.braze.com/api/v3/data/ 36 KB
8 KB 2827ms
2826ms XHR
application/json 2606:4700:4400::6812:2ba8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/5.1/braze.no-amd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ba8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df1723d6ec83827513c00eeeb6dcceca41b922eed7e1957aaf6926c61af62d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Braze-Api-Key: 8d1a6f28-586c-4a45-bb75-de18c5306938
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Last-Req-Ms-Ago: 7200000
Referer: https://dmarket.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: b46edec8-8105-4fad-b5b2-accf93645256
x-runtime: 0.335750
server: cloudflare
etag: W/"6df1723d6ec83827513c00eeeb6dccec"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1719007293
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 897747149ec82c4d-FRA
x-ratelimit-remaining: 488.0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 149ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NER4WDJQ1H&gtm=45je46j0v9119675991z89119528515za200zb9119528515&_p=1719007287873&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=996186196.1719007291&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1719007291&sct=1&seg=0&dl=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&dt=CS2%20Mirage%20Callouts%20Explained%20%7C%20DMarket%20%7C%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&epn.custom_timestamp=1719007289873&tfd=7863&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NER4WDJQ1H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 22:01:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dmarket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 149ms
50ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NER4WDJQ1H&cid=996186196.1719007291&gtm=45je46j0v9119675991z89119528515za200zb9119528515&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NER4WDJQ1H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 22:01:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dmarket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 129ms
56ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NER4WDJQ1H&cid=996186196.1719007291&gtm=45je46j0v9119675991z89119528515za200zb9119528515&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=431625425

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 22:01:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 51ms
51ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/7f85a56ba4.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2507914
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJq%2Fv%2FSsZUej%2B7MEk28VGg%2BDRF0L3lLmf5lsW3CRmZlRS2ZngaGe3ZBjY4vEnVmkEmqMqfcMaxvS%2Fl0eCq6vVV9s3DgfVNmwMyOflFOlusXXIKMIy5tULmJGOcGHnqF0xIqYI%2Fy1Skh3kk9Jc6i%2FZIa%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 89774713adde4d89-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 tp2
latte.dmarket.com/com.snowplowanalytics.snowplow/ Frame 0
0 397ms
190ms Preflight 2606:4700:10::6816:4eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://latte.dmarket.com/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dmarket.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://dmarket.com
access-control-max-age: 5
cf-cache-status: DYNAMIC
cf-ray: 89774715183d929b-FRA
content-length: 0
date: Fri, 21 Jun 2024 22:01:31 GMT
server: cloudflare
strict-transport-security: max-age=15552000
via: 1.1 google
x-content-type-options: nosniff

POST
H2 200 tp2 Show response
latte.dmarket.com/com.snowplowanalytics.snowplow/ 2 B
384 B 2814ms
216ms XHR
text/plain 2606:4700:10::6816:4eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://latte.dmarket.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/mycl-hansel-gretel/hg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 21 Jun 2024 22:01:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dmarket.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 897747269e494d8a-FRA
content-length: 2

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&charset=utf-8&site-info=%7B%22jquery%22%3Atrue...

447 B
566 B

72ms
72ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%223.4.1%22%2C%22shareVersion%22%3A2%7D&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1ddf25rn73ebk2eteqr6jr5riz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A106023613098%3Ahid%3A400585651%3Az%3A120%3Ai%3A20240622000130%3Aet%3A1719007291%3Ac%3A1%3Arn%3A658712551%3Arqn%3A1%3Au%3A1719007291429817379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4591%3Ads%3A0%2C1358%2C255%2C87%2C1066%2C0%2C%2C1542%2C1%2C%2C%2C%2C5903%3Aco%3A0%3Acpf%3A1%3Ans%3A1719007283549%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719007292%3At%3ACS2%20Mirage%20Callouts%20Explained%20%7C%20DMarket%20%7C%20Blog&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%282134272%29ti%281%29

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4299afcbc3b8050f42469ded60b518949580f654a7b5d478709a5ff2a366a41a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dmarket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 22:01:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21-Jun-2024 22:01:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dmarket.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Fri, 21-Jun-2024 22:01:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 22:01:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Jun-2024 22:01:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%223.4.1%22%2C%22shareVersion%22%3A2%7D&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1ddf25rn73ebk2eteqr6jr5riz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A106023613098%3Ahid%3A400585651%3Az%3A120%3Ai%3A20240622000130%3Aet%3A1719007291%3Ac%3A1%3Arn%3A658712551%3Arqn%3A1%3Au%3A1719007291429817379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4591%3Ads%3A0%2C1358%2C255%2C87%2C1066%2C0%2C%2C1542%2C1%2C%2C%2C%2C5903%3Aco%3A0%3Acpf%3A1%3Ans%3A1719007283549%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719007292%3At%3ACS2%20Mirage%20Callouts%20Explained%20%7C%20DMarket%20%7C%20Blog&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%282134272%29ti%281%29
access-control-allow-origin: https://dmarket.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 21-Jun-2024 22:01:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 83ms
22ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1082864428575406&ev=PageView&dl=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&rl=&if=false&ts=1719007291623&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719007291618.825119406560487388&cs_est=true&ler=empty&cdl=API_unavailable&it=1719007291051&coo=false&rqm=GET

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 22:01:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 204ms
145ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1082864428575406&ev=PageView&dl=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&rl=&if=false&ts=1719007291623&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719007291618.825119406560487388&cs_est=true&ler=empty&cdl=API_unavailable&it=1719007291051&coo=false&rqm=FGET

Requested by

Host: dmarket.com
URL: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xfa501ca7c10f255e","source_keys":["1","2"]},{"key_piece":"0x3e7d746078c15884","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 22:01:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383080097842308508", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=3128, tp=-1, tpl=-1, uplat=122, ullat=0
pragma: no-cache
x-fb-debug: 2vfypnzOokHg78QYrgHfCodx1AxpmIvKwNOnyVp0jX7GF9YOnGmF+gWGl482Cp5UgiI4gkFJWVcT3cRwmHdWVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383080097842308508"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 6 KB
2 KB 2558ms
2558ms Script
application/javascript 23.219.78.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=66747f65-5b0b-4672-b1e6-748089210064&version=2660.0.10.1272.251.326.132.17.2.2.2.478.2&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.78.145 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-78-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 17c39402a49916029d7e1668a69167d4f78d2fcb2db0c39d70967cb7ead79aa6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:31 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=439
cross-origin-resource-policy: cross-origin
content-length: 2090
expires: Fri, 21 Jun 2024 22:08:50 GMT

GET metrika_match.html
mc.yandex.com/metrika/ Frame 88FE 0
0

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 36C3 0
0 1091ms
320ms Document
text/html 23.219.78.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9587240&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.78.145 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-78-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dmarket.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2004
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jun 2024 22:01:35 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 232ms
230ms Script
application/javascript 23.219.78.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=66747f65-5b0b-4672-b1e6-748089210064&version=470b74842e9d45ce9f156d1d5a957bad_9ddf61b09e03725e38853a868fe9b82f&language=en&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.78.145 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-78-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 91c6234486eddad6cf4dee6d681bf96cbd9f7047a8171f7ea0d38572e0168c6f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=434
cross-origin-resource-policy: cross-origin
content-length: 3957
expires: Fri, 21 Jun 2024 22:08:48 GMT

POST
H2 200 tp2 Show response
latte.dmarket.com/com.snowplowanalytics.snowplow/ 2 B
59 B 198ms
198ms XHR
text/plain 2606:4700:10::6816:4eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://latte.dmarket.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/mycl-hansel-gretel/hg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 21 Jun 2024 22:01:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dmarket.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 89774727efa64d8a-FRA
content-length: 2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 46ms
28ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NER4WDJQ1H&gtm=45je46j0v9119675991z89119528515za200zb9119528515&_p=1719007287873&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=996186196.1719007291&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1719007291&sct=1&seg=0&dl=https%3A%2F%2Fdmarket.com%2Fblog%2Fcs2-mirage-callouts%2F%3Fko_click_id%3Dko_d8daxii6q41dooo63&dt=CS2%20Mirage%20Callouts%20Explained%20%7C%20DMarket%20%7C%20Blog&en=view_item&epn.custom_timestamp=1719007290236&_et=16&tfd=12891&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NER4WDJQ1H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 22:01:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dmarket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
dmarket.com/blog/images/ 32 KB
33 KB 159ms
153ms Other
image/vnd.microsoft.icon 45.223.25.16
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://dmarket.com/blog/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.25.16 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e79d7c06ac775893db97c63631172c8df8ea1a1f286f332f53da25cace781c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dmarket.com/blog/cs2-mirage-callouts/?ko_click_id=ko_d8daxii6q41dooo63
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 22:01:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-cdn: Imperva
x-goog-meta-goog-reserved-file-mtime: 1635780893
age: 0
x-guploader-uploadid: ACJd0Npgs8pgSQgo_GppGv2oo8QkN1oBkQ5GGP6s5IR_ou2tWsvZaXV8gXtxYFnbqf_y7i7KMl4BAV3S9g
x-goog-storage-class: STANDARD
x-iinfo: 9-9981077-9900577 pNNy RT(1719007284084 12270) q(0 0 0 -1) r(1 1) U5
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 32988
last-modified: Mon, 01 Nov 2021 15:55:31 GMT
etag: "18e76fdee6edda984cbcca7ff7965b70"
x-goog-generation: 1635782131669851
content-type: image/vnd.microsoft.icon
x-goog-hash: crc32c=OL2tgg==, md5=GOdv3ubt2phMvMp/95ZbcA==
cache-control: public,max-age=0
x-goog-stored-content-length: 32988
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/metrika/metrika_match.html

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 07:06:07	Name: __lc_cid Value: 27b2acb6-e4a8-4fab-884c-29a30b3e0f0c
.accounts.livechatinc.com/v2/customer/token	1970-01-21 07:06:07	Name: __lc_cst Value: 42a1c45c64af50505f3c956f61c7b2b68aca1a6df7cf8a1351d1baa8139ee67711d0df54f242d5e381c08f42efb74d0e15cea5456f685947fab2869f111c
.accounts.livechatinc.com/customer/token	1970-01-21 07:06:07	Name: __lc_cid Value: 27b2acb6-e4a8-4fab-884c-29a30b3e0f0c
.accounts.livechatinc.com/customer/token	1970-01-21 07:06:07	Name: __lc_cst Value: 42a1c45c64af50505f3c956f61c7b2b68aca1a6df7cf8a1351d1baa8139ee67711d0df54f242d5e381c08f42efb74d0e15cea5456f685947fab2869f111c
.stateluxe.com/	1970-01-21 06:15:43	Name: __ddg1_ Value: 9MZUQznuR0CXhwr4tgGJ
.dmarket.com/	1970-01-21 06:14:18	Name: visid_incap_2319161 Value: wFruRFUNSb6MtSPvYWvUOTX4dWYAAAAAQUIPAAAAAAA2YuxwFAeTs6PvOzk8XISD
.dmarket.com/	1969-12-31 23:59:59	Name: incap_ses_184_2319161 Value: SlIEULoPdWRF13y5HbONAjX4dWYAAAAAqtZVCl0Jzw1l+Otcz6Oslw==
.yandex.ru/	1970-01-21 07:06:07	Name: i Value: K1DVn2+4WHhx/4sKteQgXHkwM1relxCwBjV29F9/Iv+xjLTwWVUTVgj1IsCwBI5O+o/WTk4YUoJqn9MPQu50uF8EI+E=
.yandex.ru/	1970-01-21 07:06:07	Name: yandexuid Value: 8691644181719007289
.yandex.ru/	1970-01-21 06:15:43	Name: yashr Value: 3825445991719007289
mc.yandex.ru/	1970-01-21 06:15:43	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.dmarket.com/	1970-01-20 23:39:43	Name: _gcl_au Value: 1.1.897662606.1719007290
.dmarket.com/	1970-01-21 06:15:43	Name: _ym_uid Value: 1719007291429817379
.dmarket.com/	1970-01-21 06:15:43	Name: _ym_d Value: 1719007291
.dmarket.com/	1970-01-20 21:30:09	Name: spses.28b7 Value: *
.dmarket.com/	1970-01-21 07:06:07	Name: spid.28b7 Value: f3851c40-6b5d-4c0b-8684-84e00ef9ed5e.1719007291.1.1719007291.1719007291.5a7311a2-f18e-414d-9186-642480fa8ff9
.mc.yandex.com/	1970-01-20 21:30:07	Name: sync_cookie_csrf Value: 3812404771fake
mc.yandex.com/	1970-01-21 06:15:43	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.mc.yandex.ru/	1970-01-20 21:30:07	Name: sync_cookie_csrf Value: 1832803773fake
.yandex.com/	1970-01-21 06:15:43	Name: yashr Value: 2393392141719007291
.yandex.com/	1970-01-21 06:15:43	Name: yandexuid Value: 8691644181719007289
.yandex.com/	1970-01-21 06:15:43	Name: yuidss Value: 8691644181719007289
.yandex.com/	1970-01-21 07:06:07	Name: i Value: K1DVn2+4WHhx/4sKteQgXHkwM1relxCwBjV29F9/Iv+xjLTwWVUTVgj1IsCwBI5O+o/WTk4YUoJqn9MPQu50uF8EI+E=
.yandex.com/	1970-01-21 07:06:07	Name: yp Value: 1719093691.yu.8562944981719007291
.mc.yandex.com/	1970-01-20 21:31:33	Name: sync_cookie_ok Value: synced
.dmarket.com/	1970-01-21 07:06:07	Name: _ga Value: GA1.1.996186196.1719007291
.dmarket.com/	1970-01-21 07:06:07	Name: _ga_NER4WDJQ1H Value: GS1.1.1719007291.1.0.1719007291.60.0.0
.dmarket.com/	1970-01-20 21:31:19	Name: _ym_isad Value: 2
.dmarket.com/	1970-01-20 23:39:43	Name: _fbp Value: fb.1.1719007291618.825119406560487388
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1445700191719007291
.yandex.com/	1970-01-21 06:15:43	Name: ymex Value: 1721599291.oyu.8562944981719007291#1750543291.yrts.1719007291
.yandex.com/	1970-01-21 06:15:43	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 06:15:43	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjExNCIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTE0IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMTQiIg==
.dmarket.com/	1970-01-21 06:15:43	Name: _hjSessionUser_1276013 Value: eyJpZCI6IjA5NzBkOGRkLWZiM2UtNWRiMS04Mjg3LTMzMjFjYWFmYzc3MiIsImNyZWF0ZWQiOjE3MTkwMDcyOTE3NTgsImV4aXN0aW5nIjpmYWxzZX0=
.dmarket.com/	1970-01-20 21:30:09	Name: _hjSession_1276013 Value: eyJpZCI6IjVhNTFmNTBlLWI3ZjQtNDY3Ny1hZTM1LTkzNzA3Yjg4NWZmNCIsImMiOjE3MTkwMDcyOTE3NjEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.dmarket.com/	1970-01-21 06:15:43	Name: _sp_cookie Value: 179d06db-dac6-4a26-9371-75d3d78c2ea8
accounts.livechatinc.com/	1970-01-20 21:30:07	Name: __oauth_redirect_detector Value: counter=1&t=1719007327&tag=02b35833b7e1e68a018b976c910bf87cfc0dbe1a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
cdn.livechatinc.com
cdnjs.cloudflare.com
connect.facebook.net
dmarket.com
fonts.googleapis.com
fonts.gstatic.com
js.appboycdn.com
latte.dmarket.com
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
script.hotjar.com
sdk.iad-06.braze.com
secure.livechatinc.com
stateluxe.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
use.fontawesome.com
www.facebook.com
www.google.de
www.googletagmanager.com
mc.yandex.com
104.17.25.14
13.32.27.19
142.250.185.67
18.66.102.53
185.178.208.187
2001:4860:4802:32::36
23.219.78.145
2606:4700:10::6816:4eaf
2606:4700:3036::6815:1b98
2606:4700:4400::6812:2ba8
2606:4700::6810:7709
2a00:1450:4001:812::2003
2a00:1450:4001:828::201b
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:400c:c06::9a
2a02:6b8::1:119
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
45.223.25.16
96.16.88.8
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
081fc6fb1c377a9efe765925031708bc5db460c7c5b45fbbc5bb5ab9048c8bbf
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ce30d8db289f2e7faf728d488d3eb4bd39dc0cd1faa0113dc05204e77c7d95b
0ea1bfc65f4dfdbeb6be77d0d99b050bc6f6bdf8c605b015f58be20df6f66646
15ca840585339a5956358273cff078adc455b19b941bb3c528780a7a22b44006
17c39402a49916029d7e1668a69167d4f78d2fcb2db0c39d70967cb7ead79aa6
1d36751aba95ce54d132a22fd5e50f98c64e162205d0b099aeb1c1e1a5d97bbf
1e797df10752383d33d6efa69c1ca4f25e7e2db0644e7218a29f7c8a0a984975
1ebda874e1cffbda25a61733a74c0b2304c35aa922355cbf671739c492477bd6
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27467594aaf626b65a26abb1a64f958dde485e4dda091ced7a800e6bb2bbcfcc
284f9b3ff3daedec3839b6e419b56045ed4fd1bc3b26220e6e90179db2a6bb40
2be949997561c2c7046dc4567a0c2daec45d8291fd0b3665a6018508bf7682c0
32cceba0ac93306e0c271ba1d3b169783f55e6f6f09d5a59de2f817bc5e2b42f
33a8ad396310e8321e358bed4d2a75f09ba2c78197996cb8b6aeeebaaf573dac
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4299afcbc3b8050f42469ded60b518949580f654a7b5d478709a5ff2a366a41a
44b5d30df813f5ca0d6e4a203cf226be4fffb9b10cf50d8421d4d5f592d538da
4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8
4c5172c4c4f897ae12a6caabe28af382d93b1f85fde6232aeb87cb19466a1ad5
4cc4cb4a9d7ca6f2ef5998cc2aa395b09d431f9682dacc9e5f03492417c0c78d
4db8dcdf0b4b1aabda60f8580f35a4a2fdbf238a5c3dc918611f9aae291fe6b3
4e884310798b4cff7ec54a0d17246f0cd975c090666faa44308399a7c9c8aab3
4f53237e9196e2d93a7d69d2f987cc0062d5f942bf1e30b971b10f86e9d1317f
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5bbe66f92e64ea0f6e8e87f24a6ee30b21b668bcae412865c7400f9a22d03b20
5d3e5c0a88549b7a0aaa2ff2f59c5465e1b8a89a7bf4688782dc1f7ff7e7a8f6
616cb7e902626052d494eb472257d50b00d623db87e2741705355172ecf30d61
66f96b81737da5bf9d893ae303f0da199a0926e847870c571f21d66b6afbe804
6df1723d6ec83827513c00eeeb6dcceca41b922eed7e1957aaf6926c61af62d6
70c6343a2721357b2051a3fa63a574053782a817f2813084d9e80f9e6c447179
733c19b6f4c5622be5fe011d8c5db5d562b07e0d3679800661d2e7cfa2f886fb
7f6b867c5ff58c027e2c2195f821871c56003ee45dba537d49c31a84fbdad6af
844063189c5da8c94fbc13319e4e95b1598c4ab14f8be88ba653c82789bbb4ae
84b305fe64ade6ebce5670f9e488f6cfb7b2c64472e88bc54f987f55172b0c06
84bc51d20601e8fb30246fa48951b7dbf881e0482919c526d050249e4d99cfe8
8e79d7c06ac775893db97c63631172c8df8ea1a1f286f332f53da25cace781c5
91c6234486eddad6cf4dee6d681bf96cbd9f7047a8171f7ea0d38572e0168c6f
94a5428bd56c1e6dceda180800aade6edc3684d3e8784e3a75142425722673a0
9f26f68525664d1bf11b3269dc6461a708827fd3d28dc0bc2c44d016b9ddca6e
a410cd2eeef3ea099e67119f0089ff2df9a219cda52f0d22bbbfce7d43d1b8cd
a92ffe05385c4d65343693065f7a6d7dbb554bc741c9550d8634aa23ef5f610a
a95e36cb6957faabd08c47fc4fe9e35016816b239684bd96b9218d7acd605efd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acb2a2dc2a57af1adca74a7eb82ace501aed6a8ecd85505c388f096c2dae93ba
b0d67f32a72dab05d181d88528eb240972f2fa26e6aebffb5f601b72d005e190
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcf1ead7be1e66c2ec225bfc32e77a9e6a975a639d76576c2df6a60ad58e3921
c1546943074d35564cded94afa1ef934f262add5703fd8924694fcc50c81f0bf
c60606afe0ec36cb11517bb3ec6681e2f1ae6ef65c9d902fdeda3c866fcdb61c
d7923066db2b7a7ac042897644f2e927bb43cc45450c2d3bca92b0561b85480f
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
da29dd02a5410c37e68c17a3594e21715730f88497c00a14c32466002fa4e723
dc2680461ec95547d14f64dd260a9798723c57b844cd2ada775f6527a27757b1
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fa93b3219955fb46c0f4362e0ee2bd2efa9824af9573a27517e076586269ac
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
ea7c4a438cef51330307f7c15aa17efdc2797e843cb9bde47559a5eda41c34fa
ed138c9c52e40e17c25415204f946ec8a32a825d4f238c78d9eed93e20e2b80c
eecfae9b03b110853f3eb508c97ec9e1154f6f63339a5abb3e13806623dc2894
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3675844d265cacedcc13a0c02a12b572488f1b144155112d1df31fa7ee0e66f

dmarket.com Open in urlscan Pro 45.223.25.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

95 %HTTPS

62 %IPv6

18 Domains

23 Subdomains

21 IPs

6 Countries

1372 kBTransfer

3421 kBSize

37 Cookies

12 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dmarket.com Open in urlscan Pro
45.223.25.16 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

95 %
HTTPS

62 %
IPv6

18
Domains

23
Subdomains

21
IPs

6
Countries

1372 kB
Transfer

3421 kB
Size

37
Cookies

66 HTTP transactions
14 data transactions