URL: https://csgobettingz2.com/
Submission Tags: phishingrod
Submission: On January 26 via api from DE — Scanned from NL

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is csgobettingz2.com.
TLS certificate: Issued by GTS CA 1P5 on January 26th 2024. Valid for: 3 months.
This is the only time csgobettingz2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12324
48 KB
7 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 3915
api.cmp.inmobi.com — Cisco Umbrella Rank: 13519
213 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
176 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
169 KB
3 gstatic.com
fonts.gstatic.com
64 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11938
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
2 hbagency.it
hbagency.it — Cisco Umbrella Rank: 179126
145 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
188 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12161
58 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
34 KB
1 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 15285
75 KB
1 cloudfront.net
d3u598arehftfk.cloudfront.net
33 KB
1 csgobettingz2.com
csgobettingz2.com
53 KB
43 14
Domain Requested by
12 blogger.googleusercontent.com csgobettingz2.com
6 cmp.inmobi.com hbagency.it
cmp.inmobi.com
5 cdnjs.cloudflare.com csgobettingz2.com
cdnjs.cloudflare.com
d3u598arehftfk.cloudfront.net
3 fonts.gstatic.com csgobettingz2.com
3 securepubads.g.doubleclick.net csgobettingz2.com
securepubads.g.doubleclick.net
2 counter.yadro.ru 1 redirects csgobettingz2.com
2 connect.facebook.net csgobettingz2.com
connect.facebook.net
2 hbagency.it d3u598arehftfk.cloudfront.net
2 pagead2.googlesyndication.com csgobettingz2.com
pagead2.googlesyndication.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.blogger.com csgobettingz2.com
1 ajax.googleapis.com csgobettingz2.com
1 4.bp.blogspot.com csgobettingz2.com
1 d3u598arehftfk.cloudfront.net csgobettingz2.com
1 csgobettingz2.com
43 16

This site contains links to these domains. Also see Links.

Domain
fb.com
www.way2themes.com
gooyaabitemplates.com
www.liveinternet.ru
Subject Issuer Validity Valid
csgobettingz2.com
GTS CA 1P5
2024-01-26 -
2024-04-25
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
hbagency.it
Cloudflare Inc ECC CA-3
2023-09-20 -
2024-09-19
a year crt.sh
*.blogger.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-11-04 -
2024-02-02
3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA
2023-08-18 -
2024-08-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://csgobettingz2.com/
Frame ID: DFC0568E7955061515B68FFD5B6D86F2
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: CE47ACF980B09355E2FA50367A621FAD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Prmovies

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

88 %
IPv6

14
Domains

16
Subdomains

17
IPs

3
Countries

1345 kB
Transfer

4189 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://counter.yadro.ru/hit?t43.6;r;s1600*1200*24;uhttps%3A//csgobettingz2.com/;hPrmovies;0.5690122191164031 HTTP 302
  • https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//csgobettingz2.com/;hPrmovies;0.5690122191164031

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csgobettingz2.com/
353 KB
53 KB
Document
General
Full URL
https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798489430e62034fc75150aef0e8f53430f44f573be0e67a052786b6654f0d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
84b81ba2b96a7289-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 10:35:14 GMT
expires
Fri, 26 Jan 2024 10:35:14 GMT
last-modified
Fri, 26 Jan 2024 03:43:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BLAGTbKf%2F7IomAerZ%2F9JaZ%2FTjXT5IUpGzHrpnn5lDi1sgl3tnD0gVeacTiaRddqQWu%2FJoXlLP5LTO0V4lTTHV20oO%2F12usMYcLzVTAJyh58VLOYlpVq9AsNjkvUkobYcsFAfNfJeSo9OebZo424fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33bbf24ac7b357d2c6c22091a8aabc00de26607b067bd0eb59d3bf88414262d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29388
x-xss-protection
0
server
cafe
etag
457 / 19748 / 31080640 / config-hash: 11543485900695594775
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 10:35:14 GMT
prebid_hb_3403_5546.js
d3u598arehftfk.cloudfront.net/
147 KB
33 KB
Script
General
Full URL
https://d3u598arehftfk.cloudfront.net/prebid_hb_3403_5546.js
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9e00:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e9e1075f5f0778b32bbadc3f5c888e82db20416e84c31cd5db00b2a54fd4fd1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 13:42:03 GMT
content-encoding
gzip
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Fri, 02 Jun 2023 07:55:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
3185592
etag
W/"4d1a3e68384ef79fec080292cd32a67b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=864000
x-amz-cf-id
0mBaWM60ctFxnhtE5BEA6oR43QMtKUmicrPeN4VrN-Fy38AOAhqIVw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9654019712241781
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aac5df69cb1aa152ff0c72d7c545f81cd588a85de849f475d1be31a037895d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://csgobettingz2.com/
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51152
x-xss-protection
0
server
cafe
etag
16404442599161656947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 26 Jan 2024 10:35:14 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/
54 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4774176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9802
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-d78f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxIomoYBXeJaQj7SF48PRU%2FVy1i4ouKq4Rtn5k5dXyric7QI8btJ4se3BQPq7IDo108f8YDO3uf9ooPj8dcicyWcZ55L2t76Ke%2FYxgL5oEkw1sSooABqGHZkeu6arJiQPsOqE5ZfozVG%2Bc%2BonViZqXu8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b81ba6fb7e39c8-FRA
expires
Wed, 15 Jan 2025 10:35:14 GMT
slider-1.png
4.bp.blogspot.com/-qVdB2d0TGuI/YHMSDP-WrKI/AAAAAAAAKg8/ikx-F7NAn6MWML4XTMIX0-NaqMwM7Kr0gCK4BGAYYCw/s1600/
74 KB
75 KB
Image
General
Full URL
https://4.bp.blogspot.com/-qVdB2d0TGuI/YHMSDP-WrKI/AAAAAAAAKg8/ikx-F7NAn6MWML4XTMIX0-NaqMwM7Kr0gCK4BGAYYCw/s1600/slider-1.png
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ea2004a9941e87fc01192d45d564dbad0de566a8c38cdc0aeb75f87187fe56c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 07:00:11 GMT
x-content-type-options
nosniff
age
12903
content-disposition
inline;filename="slider-1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76147
x-xss-protection
0
server
fife
etag
"v2a10"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:00:11 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v10/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://csgobettingz2.com/
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:13:45 GMT
x-content-type-options
nosniff
age
346889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22336
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:22:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 10:13:45 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4863688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74328
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12258"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZLvLxu8LHKM%2B0oS7Yp0CtR79UVc2joips7v1MVSFkDESnobvwBKRtEE5ZhvRof5T237v3h0mR5nkMm0C0zlskQbd06SQBYRprFlzMvK1StbaHUxX5mFDhwqkOCqOhuR%2Bh2tQY0hYl%2B%2FXYkP1AAYjHZV"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b81ba758861e5c-FRA
expires
Wed, 15 Jan 2025 10:35:14 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v10/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://csgobettingz2.com/
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:24:41 GMT
x-content-type-options
nosniff
age
238233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21244
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:21:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 16:24:41 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bca595b1e3228fcfa8edc95a7c4ae364c4589e7e6e440a426cf4bbdc6687088
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
150196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13584
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-3510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbAnDZPY8UaXUnmZIGkOB7mfN4c7Fzv%2BB1spjrHlWuMsrizMYB%2FVjMHyC51XcRqi78l7pJbbQZ%2FXXHwxb8kAW0WuhKFZccxVm9lVk3q7KdWOByOMNHlQwNI3q5FBkHss4y1ujaoGYUtiPpGQemcBCAeL"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b81ba758841e5c-FRA
expires
Wed, 15 Jan 2025 10:35:14 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/
73 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
148356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74656
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-123a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeRf6406XUq8Q6utx7h9x7gEdPaLRAFYbn3M%2F995swMun5SXBwzn473Xz9YI4Q8r8tAr8jC%2BoRUaed4hIcZnO3gYD2pczFK%2FHm%2B0w7nAB0xjxc%2BvuGz8TgXu6x50ibHnsBH%2B9faqvDPs9lUyvwIJd%2FOs"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b81ba758851e5c-FRA
expires
Wed, 15 Jan 2025 10:35:14 GMT
images.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDh0F9En3j-11r8cQF1lQV2_xjB31UxP5eluWZX_4HqeRWj1-6qIGxFDU7l1txOPaeprYjvByyGwwXxZ-TLpZwFEJ_9fh_XXfpH9oqN0WuFJsL6feLs7AL6mclBAdDErK56J8MLEQezhJ8ssYu...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDh0F9En3j-11r8cQF1lQV2_xjB31UxP5eluWZX_4HqeRWj1-6qIGxFDU7l1txOPaeprYjvByyGwwXxZ-TLpZwFEJ_9fh_XXfpH9oqN0WuFJsL6feLs7AL6mclBAdDErK56J8MLEQezhJ8ssYur8NwzXIIzWMCI3cEMgp4qUHJ4hyphenhyphenFLBVjEVYUbQUTrps/w72-h72-p-k-no-nu/images.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d46664b89541242e5ef63ecd338c3a1ff8e113ec8dec250746a42c5698c1ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v1822"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="images.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4507
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:15 GMT
download.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUVa_dLw77ZeZH0JOVCY0QGMgaA2RuOf2h1EtEJ2Ztn-J-CBUV7yOl8EiLbNTsXGLyTKK4AOzVSI932g6YbCbJa4m6S7VCty8t05kjboxXiZEoCfhZ5RR-wex8kWxO0b35Oce8FtHbMq5R-40X...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUVa_dLw77ZeZH0JOVCY0QGMgaA2RuOf2h1EtEJ2Ztn-J-CBUV7yOl8EiLbNTsXGLyTKK4AOzVSI932g6YbCbJa4m6S7VCty8t05kjboxXiZEoCfhZ5RR-wex8kWxO0b35Oce8FtHbMq5R-40XR9b-RX_MEoS_JeVK139XH_BiWWU8Wci-n_7iTtGhECA/w72-h72-p-k-no-nu/download.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2218f06bdceb1fad2cf8f96d75e596791ec94adc7eef12f2c2440e44ca3f08f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v181b"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="download.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3845
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:15 GMT
100617887.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc2IOzuWKv_OhYxAvkf1xtOLrTsiF5RKR0xclofmPtqH9gTiWHPAYumlZHoGjr_Yv4ORhIWYTgQkED3QU-lpBvwExcx5MlzdHZstTbtkU5Cuy7pRi3aoJeZwdmTiwsosQDzTrEM6KTp33aTsy1...
5 KB
5 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc2IOzuWKv_OhYxAvkf1xtOLrTsiF5RKR0xclofmPtqH9gTiWHPAYumlZHoGjr_Yv4ORhIWYTgQkED3QU-lpBvwExcx5MlzdHZstTbtkU5Cuy7pRi3aoJeZwdmTiwsosQDzTrEM6KTp33aTsy1t4lSp1xxYVhyphenhyphenYit_YRIaciVYIrhn_IVApnTBfYTxNTE/w72-h72-p-k-no-nu/100617887.webp
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
700dd3ada06e4351a7952e980c9d52c5e7cc14f388f24174f42187c54334692c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v1816"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="100617887.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4765
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
images.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgd8lJjBl4nifkdIj0c-myOq8BH_cDXm5gitqLk48ILH5TC6Yw2k76NswiHbuv1Oql8eIEu5yUde6NeTSnD8uPKA6laRIBmb-HK2ysgazQ41VKNZIOkBYoGGD4hm7_SjdXwFS2sCljtO6NYoYRa...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgd8lJjBl4nifkdIj0c-myOq8BH_cDXm5gitqLk48ILH5TC6Yw2k76NswiHbuv1Oql8eIEu5yUde6NeTSnD8uPKA6laRIBmb-HK2ysgazQ41VKNZIOkBYoGGD4hm7_SjdXwFS2sCljtO6NYoYRaPA3t_vLcT2GgICoe65ab_b4Zkc71M32K08_ifHqFaBE/w72-h72-p-k-no-nu/images.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b10dad7850ebf9c98df44bd21a54d01abf4f5313104fb93839b74c31595d4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v1812"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="images.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3669
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
ssr.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_GQ4SOeEAOrK29rVvVNt2u4qhtTO6LHjY_Q_PG5B5SubybE5-szQA1p4egTwjCxspRXA53I-419lKH9QWupI0ib6u5kL69weSntH504tzTELLVISGzyxMWMGwfk5WuMv3FouMejpKm8pHg-h6...
3 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_GQ4SOeEAOrK29rVvVNt2u4qhtTO6LHjY_Q_PG5B5SubybE5-szQA1p4egTwjCxspRXA53I-419lKH9QWupI0ib6u5kL69weSntH504tzTELLVISGzyxMWMGwfk5WuMv3FouMejpKm8pHg-h6oPv61kdZpwOsoI0F8j6fXv4sIB6K-OV3ufu7EgTBYjI/w72-h72-p-k-no-nu/ssr.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
47504961499c96711c16b56315bf23e1ca336de991d36a496dd47b3694018822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v180d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ssr.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3583
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
maxresdefault.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYbiwix2OHa5tfxyXkfhj-e2M4GrWNAGh3fW_Qv91zbenDHeRYv5FhYsuwkwGO6dpZL5StIVSQR8wlBkzgrYTmwPobciLjZje1F03n-VXHyFy9hewxvZ9OWwxPM34N5L-51iyKn2z-_qQDhrDk...
5 KB
5 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYbiwix2OHa5tfxyXkfhj-e2M4GrWNAGh3fW_Qv91zbenDHeRYv5FhYsuwkwGO6dpZL5StIVSQR8wlBkzgrYTmwPobciLjZje1F03n-VXHyFy9hewxvZ9OWwxPM34N5L-51iyKn2z-_qQDhrDko1a5fKcRJYk1CCUXM5YCNw5WbnvC2KOL2VPPwMrxb4Q/w72-h72-p-k-no-nu/maxresdefault.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d0992b945974d71022505deeae38fcef32613b19707838202fa0ed897ec6a707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v180b"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="maxresdefault.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5394
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
images.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCETccw1UsCClTC725_8Tg9C2U0pCkvcknYFTPSLMKdeCpYJT51K0bdTNMq16aFdHdSNi1333ncD4YCp-OO4LSS0kPx0JB3T7ABNQ1HiBrC8zAkfqXWjvGmZdL-QYPS1axUAbvaGZGm1zY7xEz...
3 KB
3 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCETccw1UsCClTC725_8Tg9C2U0pCkvcknYFTPSLMKdeCpYJT51K0bdTNMq16aFdHdSNi1333ncD4YCp-OO4LSS0kPx0JB3T7ABNQ1HiBrC8zAkfqXWjvGmZdL-QYPS1axUAbvaGZGm1zY7xEznPqp0CgwM82VjNwfHZsCEM_1NjUh2yZiNPEwCJIcccU/w72-h72-p-k-no-nu/images.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5743b5f26af5497d08c384a1e021f3c264273772d3c450b236406ebb43c3bb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v1807"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="images.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3383
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
download.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPuJXpk0pp6GeHyvajgw_u6qXQyp9Min7Dt3OtvoPqraTF2wKwswipV4p8jT4o8MPlEO5ejteQG9Hx2iZ8j23i2jkLhVmhspmP0c_fJO8FF1daKrT0_9LZ0UjLfc6S72lY0Yhdk6qoq06W3YSc...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPuJXpk0pp6GeHyvajgw_u6qXQyp9Min7Dt3OtvoPqraTF2wKwswipV4p8jT4o8MPlEO5ejteQG9Hx2iZ8j23i2jkLhVmhspmP0c_fJO8FF1daKrT0_9LZ0UjLfc6S72lY0Yhdk6qoq06W3YSceHvAi_X6sV3cV7ZMGKQIGsyEXUGx4Nj0Nf2QX7p4X2o/w72-h72-p-k-no-nu/download.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b9a47baddd2dc883438e34b5e997af200f330e69c4df9681b688eca82f46ad7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v1805"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="download.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3587
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
p24429970_k_h10_ab.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCmp-RzTpkXe0ocjrA-wFixRVCznBs-e-D1_Le81GYbSLpu-HnvC5EkZApYKOmJi0LfKKSH1dYPrKvyoExtQYILtVHRJ07RBlpHWrIdl5bSUC-ME6X0KStjQOXmXOXnBXbl82aWlg4fa8iDTw0...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCmp-RzTpkXe0ocjrA-wFixRVCznBs-e-D1_Le81GYbSLpu-HnvC5EkZApYKOmJi0LfKKSH1dYPrKvyoExtQYILtVHRJ07RBlpHWrIdl5bSUC-ME6X0KStjQOXmXOXnBXbl82aWlg4fa8iDTw0AuRn4DNMuB03pVCxBfm0WVWNF7_JfzX0-qIt7Tf78f0/w72-h72-p-k-no-nu/p24429970_k_h10_ab.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d8bd8ce6667c3ce3270f1cc6842f95dcdc252c0f4e95c643e9ca91e80a6a9134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v1803"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="p24429970_k_h10_ab.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3772
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:15 GMT
100519498.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRHdrpVCP-5uQ_fQWtmbPRAQZ0okOg8iS_n1k4apgwJAi_BlFjlNnTs1l2ityGrUfHKtbzC_nHAoLgIY0sieaMwNDKiz55nmP3FYsoT0M8RQgZtPVPOS4WspyMBOdMfP-FIKZFkTcv9MZiIIIp...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRHdrpVCP-5uQ_fQWtmbPRAQZ0okOg8iS_n1k4apgwJAi_BlFjlNnTs1l2ityGrUfHKtbzC_nHAoLgIY0sieaMwNDKiz55nmP3FYsoT0M8RQgZtPVPOS4WspyMBOdMfP-FIKZFkTcv9MZiIIIpaQ_ZU1SwpLJvvEeVaSIJ0XS5Iyu_aXovTAtfBWkaa7o/w72-h72-p-k-no-nu/100519498.webp
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
515ca7f7619a0d73a6340b395c051d4a0a53d3cf1cb2b0d5a4bf52a23044263f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v1801"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="100519498.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3785
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:15 GMT
download%20(1).jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEic5QwxP3neLmQ7FkGVh2gMSDXzdm8AoRXlTa3NCeCwsSdP0M9hamwOKZ5ezzY8AGACmCrn86poPVpfpehq5lAazC5Bz9K3sdrCsu-1Yz2M1mVTVtJzSEzsM45V4OthHhEiDZshY6jy01lhSk-E...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEic5QwxP3neLmQ7FkGVh2gMSDXzdm8AoRXlTa3NCeCwsSdP0M9hamwOKZ5ezzY8AGACmCrn86poPVpfpehq5lAazC5Bz9K3sdrCsu-1Yz2M1mVTVtJzSEzsM45V4OthHhEiDZshY6jy01lhSk-EyX9UtmT50KuzTDzzl8bBi_3SXckIovFihBAfb5k8FiE/w72-h72-p-k-no-nu/download%20(1).jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f0e2fc6ce50c0b9861950697acdc35ceff031d97252244a2f1ff970d1a45b8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v17fe"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="download (1).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4087
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:15 GMT
download.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFzptsoyEkTYL2gp9DhEBtpsKoau7dD6GUtlZzs9SCuloanW8sSSDgJYehHt5U9pwjwdiLIPCfq69dp0inBsmI9TN9OVwPT4_7LfikUF1N79FO1Hgo5yWCtUWXNWf1Kg6fBtFNZHMUGxCFVc8H...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFzptsoyEkTYL2gp9DhEBtpsKoau7dD6GUtlZzs9SCuloanW8sSSDgJYehHt5U9pwjwdiLIPCfq69dp0inBsmI9TN9OVwPT4_7LfikUF1N79FO1Hgo5yWCtUWXNWf1Kg6fBtFNZHMUGxCFVc8HnWuxtwm5cjiMft3dZMoU6SgXBtWUDEI6OxRxNX30KhE/w72-h72-p-k-no-nu/download.jpg
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ca40f8457a20d0a669b98d62faba6a1051fadfe059ab4f4b4ab2619bcffcfb56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v17fc"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="download.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3727
x-xss-protection
0
expires
Sat, 27 Jan 2024 10:35:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:52:02 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v10/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://csgobettingz2.com/
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:32:18 GMT
x-content-type-options
nosniff
age
212576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21304
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:32:18 GMT
tcf2_cmp_hbagency.js
hbagency.it/cdn/
2 KB
1 KB
Script
General
Full URL
https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3403_5546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2cb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5605aa52bfeebb8d52feaec247d7aed862816bd1fb0230f9a10a8a939b9c4207

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1879
cf-polished
origSize=1710
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 08:45:19 GMT
server
cloudflare
etag
W/"6ae-60a5527fc04e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A59cpFVsMjoQe3yGAB0Gg1rlaN%2BdkBtPtELzNdKhL1LhWhFChsR%2FKmW6LT9JmJhWaB6alxd0evBXgVfYE6EeSbYbXF93TTl4%2Bi8Axpp0xIANHokV0ANLqdjPL4qXpIg65uoACsG0VXMz8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
84b81ba7bc401b08-AMS
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/
17 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3403_5546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
287147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELhlcmmUMTRk8M7moenqwj%2FIaykumcgQdewxuuCHIZeuaLjZD6qi8bmmdbasBtzxVuDTxQWnovnZS5uIJR9wv0%2FjxMoFC1S1ofLMSVaVSf0H2DiAttkTKV717vCgEFBGK9Srhcoa54sf3mHctcp8ZSGR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b81ba75bcf39c8-FRA
expires
Wed, 15 Jan 2025 10:35:14 GMT
prebid_7_44_ng.js
hbagency.it/cdn/
470 KB
144 KB
Script
General
Full URL
https://hbagency.it/cdn/prebid_7_44_ng.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3403_5546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2cb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
488
cf-polished
origSize=481793
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 11:28:34 GMT
server
cloudflare
etag
W/"75a01-5f90dcab31228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykCfSR5XgQd5%2BHbCn42mZ3n5PMx7DfDcrldsuL3iI2JxOFOW9KH7MeJ43FIuwrurDgNcZ6JCxowzPsB%2FU%2FFKFFosZ1Em7PfKvrtWLdrQVKXU6FLccfULCsqrrsNgciq9yL%2BltmFpAQG5GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
84b81ba7bc3e1b08-AMS
2572602432-widgets.js
www.blogger.com/static/v1/widgets/
160 KB
58 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2572602432-widgets.js
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9280547cd3ca5b942fa8e00de6dd0d3524b986f59aa0a0d3f1140c01cb255c25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 01:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59278
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 22:02:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 23 Jan 2025 01:53:57 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ced45fa6ea75ab88028618fa057687229723babf3798df122b666444037204b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 10:35:14 GMT
content-md5
+RIfNswwcjgZylmCOUKXJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
mzwVp2BGOHYuFMijP2TbWKtKK/QftGPZVP9KwHvrFR2HY0x14WAlt1i1H3hI4xlelILOdQHDP9SR7tzsf4cMBA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
01486b81f639b73e8f5a6b196001a680
cross-origin-opener-policy
same-origin-allow-popups
etag
"ff9215f1ee204f25c7ca6501a6647eb0"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 26 Jan 2024 10:52:40 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080640
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 01:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
32563
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
11931332024773231753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 25 Jan 2025 01:32:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
62 B
77 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=csgobettingz2.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5580d55d6e01617f8891fa2d6998bc1318190ee22cd195c335f64b41e1ba822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
x-xss-protection
0
expires
Fri, 26 Jan 2024 10:35:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/
405 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9654019712241781&plah=csgobettingz2.com&bust=31080662
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9654019712241781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ede2f3552ac1526b268bf0f5c05d74d33e9a475ca7c762ced48b56464593e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140752
x-xss-protection
0
server
cafe
etag
12618351300317564698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 10:35:14 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame CE47
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9654019712241781
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://csgobettingz2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
39277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Thu, 08 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
choice.js
cmp.inmobi.com/choice/cJsduNRegvC-s/hbagency.it/
4 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/cJsduNRegvC-s/hbagency.it/choice.js?tag_version=V3
Requested by
Host: hbagency.it
URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fe9373c70da8c3deb19bed67ef35e5001cb688217190b344699ce27520dc617

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:35:14 GMT
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 07:52:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
33
x-amz-server-side-encryption
AES256
etag
W/"831ccb50df1e7848f50f4f3771c7c828"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jvCSdTXn0v_BSNIjXMb9GPD3_SUoutngoG_wJNhNL56UILVObfwQQg==
sdk.js
connect.facebook.net/en_US/
297 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a14559d26061be9ed5312375f15e6ee1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d57eafb38c5ae77d7f8cf359f9c9ff0485b6a0e631f269ed2d0ed8522f01e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://csgobettingz2.com/
Origin
https://csgobettingz2.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 10:35:14 GMT
content-md5
7ZS5xm/CAZ5Vxuu4jyKOhw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86997
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0"
x-fb-debug
KDLMnsYBmnsSNAAYzK9wnoXtafbbD+K5D/zxXO7uUQt/OHW+fvAOEku/Ji4AraPrPYCwa3avhJM55IjfHfZfUg==
x-fb-content-md5
b1d89848338fa8ce2a6997e5f9096bc9
cross-origin-opener-policy
same-origin-allow-popups
etag
"e7b6bfdee80d0b2dacd6fe7e099fdaac"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Jan 2025 10:18:42 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t43.6;r;s1600*1200*24;uhttps%3A//csgobettingz2.com/;hPrmovies;0.5690122191164031
  • https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//csgobettingz2.com/;hPrmovies;0.5690122191164031
148 B
634 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//csgobettingz2.com/;hPrmovies;0.5690122191164031
Requested by
Host: csgobettingz2.com
URL: https://csgobettingz2.com/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
931383ad7739ca39f3a67277ee1b475d8567181feb6ef127c421238d1172fff2
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jan 2024 10:35:14 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
148
Expires
Wed, 25 Jan 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Jan 2024 10:35:14 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//csgobettingz2.com/;hPrmovies;0.5690122191164031
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Wed, 25 Jan 2023 21:00:00 GMT
cmp2.js
cmp.inmobi.com/tcfv2/
158 KB
44 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=hbagency.it
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/cJsduNRegvC-s/hbagency.it/choice.js?tag_version=V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 09:56:06 GMT
content-encoding
gzip
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Dec 2023 23:27:11 GMT
server
AmazonS3
etag
W/"50f82c7ed55d2acc412a5ede5e7b40f6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
okSzc5vWSFNKFv2UHABiGdORJFE3NaERlsuvlJJs6I3vS6m5wTzxPw==
cmp-list.json
cmp.inmobi.com/GVL-v2/
12 KB
3 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1517127a9cb6e2ee4b1f1df501a47f708b90202d7b73b2794011db3fc123255

Request headers

Accept
application/json, text/plain, */*
Referer
https://csgobettingz2.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 03:00:44 GMT
content-encoding
br
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
27271
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 Jan 2024 03:00:42 GMT
server
AmazonS3
etag
W/"adcf0503f9188fab1fa84582fb721743"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
gudOVVf7s2GGGv0fPZOJ_s3sNXFMx0hfG51mORPcPNM3uJOpzygZ4g==
cmp2ui-en.js
cmp.inmobi.com/tcfv2/50/
279 KB
68 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:56:57 GMT
content-encoding
br
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
59897
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 06 Dec 2023 23:27:04 GMT
server
AmazonS3
etag
W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
VSYfYiQIjLwpsl8qYVxoht-VybaqnvwL94igSxthhiZK0Xgp2H_nFg==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/
561 KB
62 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22802cb0e108fb93779e4049f45bcbf2ddf29d2da1212919ab4792e085d4e6bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://csgobettingz2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 23:59:24 GMT
content-encoding
br
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
38151
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 Jan 2024 23:59:18 GMT
server
AmazonS3
etag
W/"99dbfdb9b2574c76cf1b3badd43e7f43"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
hIG8KQLwfLv0DX_qdRNkYmG6ZeAk4n5CjXo2TAoPLt6PrZ4jHPuqFg==
google-atp-list.json
cmp.inmobi.com/tcfv2/
143 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df74a75e3b87631fcf6ab319f7acaf2c4947c5161391637f284586f4bba80a2f

Request headers

Accept
application/json, text/plain, */*
Referer
https://csgobettingz2.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 03:00:27 GMT
content-encoding
br
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
27288
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 Jan 2024 03:00:24 GMT
server
AmazonS3
etag
W/"3ea05fe59d076742eafb131161634090"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
OJ41_NPRrlzElkGBHEB2oca6tc0_wcf69xbaWwOZWdi0UKvThvVgPA==
/
api.cmp.inmobi.com/
2 B
101 B
XHR
General
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22csgobettingz2.com%22%2C%22publisher%22%3A%22hbagency.it%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22tLySkNkCc27cHtywQ0JFhA%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1706265314847%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-p9od0aei6agk76vi6ir6%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.231.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-231-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://csgobettingz2.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Jan 2024 10:35:14 GMT
content-length
2
content-type
text/plain; charset=utf-8
truncated
/
237 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| googletag object| monthFormat string| noThumbnail number| postPerPage boolean| fixedSidebar string| commentsSystem string| disqusShortname object| messages boolean| Tghb boolean| hbagency_ismobile boolean| hasvideo_hbagency boolean| hasvideo_hbagency_content boolean| hassmilewanted_hbagency boolean| hasteads_hbagency boolean| hasgeoedge_hbagency boolean| hascmp_hbagency boolean| registerConsent_hbagency boolean| hbagency_usp boolean| autoapprovecmp_hbagency boolean| monitor_hbagency object| fdpCategories object| fdpSubCategories string| fdpKeywords string| analytics_hbagency number| PREBID_TIMEOUT_hbagency number| PREBID_TIMEOUT_R_hbagency string| USER_ID_hbagency string| WEBSITE_ID_hbagency string| nomesite_hbagency string| domain_hbagency object| ZONE_ID object| headerbidding_mp object| hb_floors_hbagency object| adUnits_hbagency string| urlhb_3 string| urlHbstats string| urlHbstatsAnalytics object| pbjs_hbagencyicd boolean| autopromo_hbagency number| cpmfixvideo_hbagency boolean| adagioanalytics_hbagency boolean| hbrefreshFD object| refreshedHB object| refreshedHBT object| refreshedHBPassback boolean| cmphbagency boolean| isloadebrid boolean| isloadedima boolean| ispubstackHB undefined| currentImg object| safe_b_hbagency object| bidder number| j object| realTimeDataHB object| dp object| idw boolean| hbagencyisIE11 object| hbManager function| HBManager function| postscribe function| $ function| jQuery object| _w2tobfus69 undefined| uri undefined| clean_uri object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| __tcfapi function| __uspapi object| pbjs_hbagencyicdChunk object| _pbjsGlobals object| ADAGIO object| invibes object| FB function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| __buffer object| regeneratorRuntime function| __tcfapiui function| google_sa_impl function| inView

2 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1biuhY3Kuauj1biuhY001KC5
.yadro.ru/ Name: VID
Value: 0Zw-mb1TBf8j1biuhY001KCX

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
ajax.googleapis.com
api.cmp.inmobi.com
blogger.googleusercontent.com
cdnjs.cloudflare.com
cmp.inmobi.com
connect.facebook.net
counter.yadro.ru
csgobettingz2.com
d3u598arehftfk.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
hbagency.it
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.blogger.com
18.197.231.253
2600:9000:214f:b200:1b:cadc:ef40:93a1
2600:9000:223f:9e00:1f:946:f000:21
2606:4700:3034::6815:2cb8
2606:4700::6811:190e
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2009
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3121::3
88.212.201.198
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d
0d57eafb38c5ae77d7f8cf359f9c9ff0485b6a0e631f269ed2d0ed8522f01e24
2218f06bdceb1fad2cf8f96d75e596791ec94adc7eef12f2c2440e44ca3f08f2
22802cb0e108fb93779e4049f45bcbf2ddf29d2da1212919ab4792e085d4e6bc
33bbf24ac7b357d2c6c22091a8aabc00de26607b067bd0eb59d3bf88414262d5
3bca595b1e3228fcfa8edc95a7c4ae364c4589e7e6e440a426cf4bbdc6687088
3e9e1075f5f0778b32bbadc3f5c888e82db20416e84c31cd5db00b2a54fd4fd1
47504961499c96711c16b56315bf23e1ca336de991d36a496dd47b3694018822
4fe9373c70da8c3deb19bed67ef35e5001cb688217190b344699ce27520dc617
515ca7f7619a0d73a6340b395c051d4a0a53d3cf1cb2b0d5a4bf52a23044263f
5605aa52bfeebb8d52feaec247d7aed862816bd1fb0230f9a10a8a939b9c4207
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
5743b5f26af5497d08c384a1e021f3c264273772d3c450b236406ebb43c3bb74
62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6aac5df69cb1aa152ff0c72d7c545f81cd588a85de849f475d1be31a037895d3
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
700dd3ada06e4351a7952e980c9d52c5e7cc14f388f24174f42187c54334692c
798489430e62034fc75150aef0e8f53430f44f573be0e67a052786b6654f0d34
7d46664b89541242e5ef63ecd338c3a1ff8e113ec8dec250746a42c5698c1ca7
8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44
8ede2f3552ac1526b268bf0f5c05d74d33e9a475ca7c762ced48b56464593e91
9280547cd3ca5b942fa8e00de6dd0d3524b986f59aa0a0d3f1140c01cb255c25
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
931383ad7739ca39f3a67277ee1b475d8567181feb6ef127c421238d1172fff2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ced45fa6ea75ab88028618fa057687229723babf3798df122b666444037204b
b10dad7850ebf9c98df44bd21a54d01abf4f5313104fb93839b74c31595d4851
b9a47baddd2dc883438e34b5e997af200f330e69c4df9681b688eca82f46ad7a
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c5580d55d6e01617f8891fa2d6998bc1318190ee22cd195c335f64b41e1ba822
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
ca40f8457a20d0a669b98d62faba6a1051fadfe059ab4f4b4ab2619bcffcfb56
d0992b945974d71022505deeae38fcef32613b19707838202fa0ed897ec6a707
d1517127a9cb6e2ee4b1f1df501a47f708b90202d7b73b2794011db3fc123255
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
d8bd8ce6667c3ce3270f1cc6842f95dcdc252c0f4e95c643e9ca91e80a6a9134
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3
df74a75e3b87631fcf6ab319f7acaf2c4947c5161391637f284586f4bba80a2f
ea2004a9941e87fc01192d45d564dbad0de566a8c38cdc0aeb75f87187fe56c2
f0e2fc6ce50c0b9861950697acdc35ceff031d97252244a2f1ff970d1a45b8bd