Submitted URL: http://totalcsgo.com/
Effective URL: https://totalcsgo.com/
Submission: On September 05 via api from SG — Scanned from FR

Summary

This website contacted 33 IPs in 7 countries across 24 domains to perform 83 HTTP transactions. The main IP is 51.38.175.34, located in France and belongs to OVH, FR. The main domain is totalcsgo.com.
TLS certificate: Issued by R3 on August 30th 2022. Valid for: 3 months.
This is the only time totalcsgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 51.38.175.34 16276 (OVH)
4 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
4 52.88.5.146 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 3.220.26.216 14618 (AMAZON-AES)
1 3.224.43.174 14618 (AMAZON-AES)
2 2 185.89.210.153 29990 (ASN-APPNEX)
3 52.4.241.119 14618 (AMAZON-AES)
1 216.52.2.39 30282 (AS-INAPCD...)
1 18.156.0.31 16509 (AMAZON-02)
1 132.226.63.138 31898 (ORACLE-BM...)
1 1 213.19.147.45 26120 (RHYTHMONE)
1 23.35.236.201 16625 (AKAMAI-AS)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.244.159.8 15169 (GOOGLE)
2 37.157.3.28 198622 (ADFORM)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 185.83.142.19 29990 (ASN-APPNEX)
1 50.16.6.120 14618 (AMAZON-AES)
2 18.185.210.110 16509 (AMAZON-02)
1 69.166.1.15 27630 (AS-XFERNET)
2 51.38.120.206 16276 (OVH)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 151.101.129.108 54113 (FASTLY)
2 23.205.235.133 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
83 33
Apex Domain
Subdomains
Transfer
20 aniview.com
play.aniview.com — Cisco Umbrella Rank: 20226
player.aniview.com — Cisco Umbrella Rank: 2410
track1.aniview.com — Cisco Umbrella Rank: 2549
go1.aniview.com — Cisco Umbrella Rank: 5345
sync.aniview.com — Cisco Umbrella Rank: 3125
312 KB
15 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 30890
static.avantisvideo.com — Cisco Umbrella Rank: 31934
events1.avantisvideo.com — Cisco Umbrella Rank: 27283
cdn1.avantisvideo.com — Cisco Umbrella Rank: 36198
avm.avantisvideo.com — Cisco Umbrella Rank: 31489
81 KB
9 totalcsgo.com
totalcsgo.com
1007 KB
7 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 725
ib.adnxs.com — Cisco Umbrella Rank: 329
acdn.adnxs.com — Cisco Umbrella Rank: 876
23 KB
5 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1415
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
11 KB
4 gstatic.com
fonts.gstatic.com
201 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2206
79 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
130 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
360 B
2 tremorhub.com
p4dt2-ha1hf.ads.tremorhub.com — Cisco Umbrella Rank: 153025
831 B
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 3113
407 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
6 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
5 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3006
728 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 6867
409 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 975
304 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1389
384 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
243 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1710
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
28 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
41 KB
83 24
Domain Requested by
9 player.aniview.com cdn.avantisvideo.com
player.aniview.com
9 totalcsgo.com 1 redirects totalcsgo.com
6 track1.aniview.com player.aniview.com
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 ib.adnxs.com player.aniview.com
acdn.adnxs.com
4 events1.avantisvideo.com totalcsgo.com
4 fonts.gstatic.com fonts.googleapis.com
3 sync.aniview.com player.aniview.com
3 fundingchoicesmessages.google.com totalcsgo.com
3 cdn.avantisvideo.com totalcsgo.com
cdn.avantisvideo.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 onetag-sys.com player.aniview.com
2 prebid-server.rubiconproject.com player.aniview.com
2 p4dt2-ha1hf.ads.tremorhub.com player.aniview.com
2 adx.adform.net player.aniview.com
2 secure.adnxs.com 2 redirects
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com totalcsgo.com
1 token.rubiconproject.com
1 acdn.adnxs.com player.aniview.com
1 image6.pubmatic.com ads.pubmatic.com
1 apex.go.sonobi.com player.aniview.com
1 hb.yellowblue.io player.aniview.com
1 u.openx.net player.aniview.com
1 csync.loopme.me 1 redirects
1 ads.pubmatic.com player.aniview.com
1 sync.1rx.io 1 redirects
1 sync.technoratimedia.com player.aniview.com
1 ups.analytics.yahoo.com player.aniview.com
1 ap.lijit.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 www.googletagservices.com totalcsgo.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 static.avantisvideo.com cdn.avantisvideo.com
1 www.googletagmanager.com totalcsgo.com
83 38

This site contains no links.

Subject | Issuer | Validity | Valid
totalcsgo.com | R3 | 2022-08-30 - 2022-11-28 | 3 months
*.avantisvideo.com | Amazon | 2021-11-24 - 2022-12-22 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
*.google.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
*.aniview.com | DigiCert SHA2 Secure Server CA | 2021-12-30 - 2023-01-03 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-06-05 | a year
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-08-24 - 2023-02-15 | 6 months
*.technoratimedia.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-09-17 - 2022-10-05 | a year
*.pubmatic.com | DigiCert SHA2 Secure Server CA | 2022-02-04 - 2023-02-03 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2022-07-21 - 2023-08-21 | a year
track.adform.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-06 - 2022-10-07 | a year
*.tremorhub.com | Amazon | 2022-03-24 - 2023-04-22 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.yellowblue.io | Amazon | 2022-04-23 - 2023-05-22 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-04-04 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2021-12-08 - 2023-01-09 | a year
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-10 - 2023-01-03 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2022-03-11 - 2023-04-11 | a year

This page contains 14 frames:

Primary Page: https://totalcsgo.com/
Frame ID: 97ACA9D217BFCB42F661A678030EFCB2
Requests: 61 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: CD4C942E27D112C11B1036D802200C90
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Frame ID: FBAE485E6611EF3A9E25961A7DEA92ED
Requests: 8 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=55&key=3924819587469134317
Frame ID: D6CF87389CF8DE6DD4CDAE760D37D2DC
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D18%26key%3D%24UID
Frame ID: D649401CB1280C0B788A1BE8483B0322
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: BC9A4A21D207696B2DB62C9642371A16
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1662369826368-991016545326-007499-009-005816&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 467AE8AEDC8D76175240A2EC762D2ECA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=200&key=OPTOUT
Frame ID: 7B52C87DE86854194F6AE4649574AD03
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D1%26key%3D
Frame ID: CFEEE3942CA223AA2A72EDBC0753D59D
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=56&pid=59c9148628a0612da3689288&key=a5550e56-6179-4211-9869-6f0d15e87d53
Frame ID: 9C25D503E818043CA2275F59EE19D406
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D23%26key%3D
Frame ID: 316E89B278515C5C3D511D4134054361
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EDAB5425C2FF1BB2480F7682908BC65C
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662369826710&us_privacy=1---
Frame ID: 515E732938548E3843020960FEF5CE0F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 05E6EC19F2F77634D181961BE6150A21
Requests: 3 HTTP requests in this frame

Page Title

Total CS:GO

Page URL History

  1. http://totalcsgo.com/ HTTP 302
    https://totalcsgo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

83 Requests
100 % HTTPS
37 % IPv6
24 Domains
38 Subdomains
33 IPs
7 Countries
1946 kB Transfer
4427 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://totalcsgo.com/ HTTP 302
    https://totalcsgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1662369826368-991016545326-007499-009-005816%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=55&key=3924819587469134317
Request Chain 54
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=200&key=OPTOUT
Request Chain 56
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=56&pid=59c9148628a0612da3689288&key=a5550e56-6179-4211-9869-6f0d15e87d53

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
totalcsgo.com/
Redirect Chain
  • http://totalcsgo.com/
  • https://totalcsgo.com/
14 KB
5 KB
Document
General
Full URL
https://totalcsgo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
0c802b1ff7e6c160cdb9eb678249fb279711dcf59b8f06bdc28e68dfdc8d71cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 05 Sep 2022 10:39:31 GMT
Server
Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding
chunked

Redirect headers

Content-Length
0
Date
Mon, 05 Sep 2022 10:39:31 GMT
Location
https://totalcsgo.com/
Server
Jetty(9.4.z-SNAPSHOT)
8b6893b0fdddb3f6d3bab190a715792a.css
totalcsgo.com/bundler/
257 KB
36 KB
Stylesheet
General
Full URL
https://totalcsgo.com/bundler/8b6893b0fdddb3f6d3bab190a715792a.css
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
880cd416afe57ce1f5f465d986566d3c4803969b584222c4614aba4af628c8f8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:31 GMT
Cache-Control
max-age=604800
Server
Jetty(9.4.z-SNAPSHOT)
Content-Encoding
gzip
ETag
1661842379351
Transfer-Encoding
chunked
Content-Type
text/css
video-loader.js
cdn.avantisvideo.com/avm/js/
32 KB
11 KB
Script
General
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
83777
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
date
Sun, 04 Sep 2022 10:07:29 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
6f5RtHbSkHpjlrlSe7ts1_LWO_rBSCHGvjp-_63ysPcH2bBe_620gA==
js
www.googletagmanager.com/gtag/
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117981069-13
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a1114210b691844ddedee745c13be068ce771d4d3b70e1c09fae3220cc94487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41837
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Sep 2022 09:23:44 GMT
headerlogo.png
totalcsgo.com/
8 KB
8 KB
Image
General
Full URL
https://totalcsgo.com/headerlogo.png
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
e6cf9b1e76842eb78c766f9c9982c6fa5416f58fa7603c01d4d0a2f4909322d0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:31 GMT
Content-Encoding
gzip
Expires
Wed Aug 31 02:23:28 EDT 2022
Server
Jetty(9.4.z-SNAPSHOT)
Cache-Control
private, max-age=84600
Content-Length
8125
Content-Type
image/png
39f2db7c09f99103170608bb663b805c.js
totalcsgo.com/bundler/
785 KB
234 KB
Script
General
Full URL
https://totalcsgo.com/bundler/39f2db7c09f99103170608bb663b805c.js
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
3b6ef0624974640440f8beb5f56818bebc1122a66cb208b2cbee4a7ce2ca13d0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:31 GMT
Cache-Control
max-age=604800
Server
Jetty(9.4.z-SNAPSHOT)
Content-Encoding
gzip
ETag
1661842379211
Transfer-Encoding
chunked
Content-Type
application/javascript
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/bundler/8b6893b0fdddb3f6d3bab190a715792a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 09:13:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 09:23:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 09:23:44 GMT
desktop.jpg
totalcsgo.com/site-takeover/apr7-2020/
735 KB
723 KB
Image
General
Full URL
https://totalcsgo.com/site-takeover/apr7-2020/desktop.jpg
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
07be04c5cc887076e872e0fd13774a5f2c5d5b32f69ea4917f3c5760787299d9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:32 GMT
Content-Encoding
gzip
Expires
Wed Aug 31 02:23:28 EDT 2022
Server
Jetty(9.4.z-SNAPSHOT)
Cache-Control
private, max-age=84600
Transfer-Encoding
chunked
Content-Type
image/jpeg
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://totalcsgo.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
350513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://totalcsgo.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
393199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 20:10:25 GMT
abc.txt
static.avantisvideo.com/data/
8 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f72073407963bfde068220b703197ce9c8ea7b3388bd7539dce16ced7693a5b5

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 09:23:29 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2022 07:12:54 GMT
server
AmazonS3
age
7638
etag
W/"45d9d6adb262ae00471a534cb14aa551"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://totalcsgo.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
31uWIotymc-5to8xezWGAyjbozs-4s-j8rHNNjWnSwLO1MhPVC89dw==
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
/
events1.avantisvideo.com/
0
35 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.5.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-5-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 09:23:44 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117981069-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1304
date
Mon, 05 Sep 2022 09:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 05 Sep 2022 11:02:00 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame CD4C
46 KB
17 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
28000
content-encoding
gzip
content-type
text/html
date
Mon, 05 Sep 2022 01:37:04 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-id
k6qsLtziZnBH851XAHYZq4acZjtj6vxP25cLJ1Xsi2JCxvuYeXB4Nw==
x-amz-cf-pop
FRA6-C1
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
geoip
avm.avantisvideo.com/api/v1/ Frame CD4C
182 B
936 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d9ac09f49890508f3f4ef97149da0458b0a1800b3cc341bfef805bfdd9348b7c
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
182
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 05 Sep 2022 09:23:44 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
VZ0tKLcAv0Zm6L_DrNlmJXAv4MFUcLC6zlWmGfCUivFvZ_66DO-Ttg==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 05 Sep 2022 09:23:44 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
GlM8ARfzEluXlreNbRJEAmqacfdqmFMWDTu8VM8EI__LK3i-kamF8Q==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1558759009&t=pageview&_s=1&dl=https%3A%2F%2Ftotalcsgo.com%2F&ul=en-us&de=UTF-8&dt=Total%20CS%3AGO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=667328341&gjid=1467856984&cid=861092690.1662369825&tid=UA-117981069-13&_gid=1598344741.1662369825&_r=1&gtm=2ou8v0&z=1208724431
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 09:23:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-117981069-13&cid=861092690.1662369825&jid=667328341&gjid=1467856984&_gid=1598344741.1662369825&_u=YEBAAUAAAAAAAC~&z=1599169887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 05 Sep 2022 09:23:44 GMT
content-type
text/plain
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
takeover.json
totalcsgo.com/
173 B
346 B
XHR
General
Full URL
https://totalcsgo.com/takeover.json
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/bundler/39f2db7c09f99103170608bb663b805c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
42c2f35e07b436ab50b9a2e49fc017986c145843c205160a6cbc6269a710c6aa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://totalcsgo.com/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:32 GMT
Content-Encoding
gzip
Server
Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding
chunked
Content-Type
application/json
adconfig-ae8085eba461c2cbd71d2b8ca07c8159.json
totalcsgo.com/
2 KB
676 B
XHR
General
Full URL
https://totalcsgo.com/adconfig-ae8085eba461c2cbd71d2b8ca07c8159.json
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/bundler/39f2db7c09f99103170608bb663b805c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
ff0daa876a424d7f70a0e63bc313990696c6edf38c1084320bb45f7f06cfb086

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://totalcsgo.com/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:32 GMT
Content-Encoding
gzip
Server
Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
AGSKWxVQIwTFvCxGTVJDoen-Lek12drAjAxlKnPd_dEgZwKOQNV9i6o3izyIivWV_U1lCfJs1ZATW3zk1tNi0iPFxBU=
fundingchoicesmessages.google.com/f/
104 KB
37 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVQIwTFvCxGTVJDoen-Lek12drAjAxlKnPd_dEgZwKOQNV9i6o3izyIivWV_U1lCfJs1ZATW3zk1tNi0iPFxBU=
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/bundler/39f2db7c09f99103170608bb663b805c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4626bc5cd650d8fa2ce17a672588433786fc5cdec5a8178474f102c64eafbd9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tW3xYqutamfLBpluI9X6lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-tW3xYqutamfLBpluI9X6lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Mon, 05 Sep 2022 09:23:44 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
video-loader2-cr.js
cdn.avantisvideo.com/js/
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
age
75270
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
date
Sun, 04 Sep 2022 12:29:15 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
FPD_wCQwsiUnq7Wvp5S4bAAtk8hNeWC7pRQYesJ_INCYAG4kDU3bBA==
geoip
avm.avantisvideo.com/api/v1/
182 B
929 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d9ac09f49890508f3f4ef97149da0458b0a1800b3cc341bfef805bfdd9348b7c
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
182
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 05 Sep 2022 09:23:45 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalcsgo.com
access-control-allow-credentials
true
x-amz-cf-id
N5N9bNmO5GGHcijO5JmrPuNMNz8cW8v04CsZGhc2j35EHbDehev9nQ==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://totalcsgo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://totalcsgo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 05 Sep 2022 09:23:45 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
-hYZYGmEkBPhD3PBv6P32Nfeuhpss2YcIWI_ai1XLJOl8JtXt0qEig==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.5.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-5-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
impression
totalcsgo.com/ctrack/aug2-2022-siteskin/
0
218 B
XHR
General
Full URL
https://totalcsgo.com/ctrack/aug2-2022-siteskin/impression
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/bundler/39f2db7c09f99103170608bb663b805c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.38.175.34 , France, ASN16276 (OVH, FR),
Reverse DNS
ip34.ip-51-38-175.eu
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 10:39:32 GMT
Content-Encoding
gzip
Server
Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
AGSKWxU2UTM3F9ypnN_oj2uSTvDya51KXFTPWq3cOqzA6n9FUEQuZUyELjD4dr9sWoS4mZkwySskcXALmsywW_xPtkg=
fundingchoicesmessages.google.com/f/
269 KB
42 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU2UTM3F9ypnN_oj2uSTvDya51KXFTPWq3cOqzA6n9FUEQuZUyELjD4dr9sWoS4mZkwySskcXALmsywW_xPtkg=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyMzY5ODI0LDk5MDAwMDAwMF0sIjBCNzgzQTlELUVBRDktNDI5Qy04NTIzLTdEMTQ1M0FBMEY5NSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vdG90YWxjc2dvLmNvbS8iLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr._s2MSQdeVqY.es5.O/d=1/rs=AJlcJMywldI3ZQSxNfiuxJee03F-txe-8g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d56c209d93eddc3d7f7612757affaf0535f628569922897b34c31d4a597b42e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mcfaxXfxp5DG7MKv3zSYmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-mcfaxXfxp5DG7MKv3zSYmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js?_=1662369824750
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/bundler/39f2db7c09f99103170608bb663b805c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9fbd9b135aef3491108d97986f2cfd3e00f9134a3feddf48d1d2f69a614d5af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28557
x-xss-protection
0
server
sffe
etag
"1324 / 305 of 1000 / last-modified: 1662156382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Sep 2022 09:23:45 GMT
pubads_impl_2022083001.js
securepubads.g.doubleclick.net/gpt/
379 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?_=1662369824750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 09:11:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
265 B
771 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=totalcsgo.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?_=1662369824750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6087111a6029bfe561423e0b26a207b5a9f991d886c56f00ca801d647dbbe899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Sep 2022 09:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
expires
Mon, 05 Sep 2022 09:23:45 GMT
t
avm.avantisvideo.com/api/v1/tag/7dfd55ec-50af-4813-90c9-4d5e57b6172c/2/desktop/generate/
4 KB
3 KB
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/7dfd55ec-50af-4813-90c9-4d5e57b6172c/2/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Ftotalcsgo.com%2F&eu=true&country=FR&hour=9&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6fddf4cc8173ef38e57945a46525d52e11d5b5fe73740cef2d0c595beb4c50bd
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://totalcsgo.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
I8fbwjDY085CsGOkjWwgh5p7EFxZ6IT0IDZ8LABF_Batv6DWRSCY8w==
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: totalcsgo.com
URL: https://totalcsgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.5.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-5-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
t
avm.avantisvideo.com/api/v1/tag/7dfd55ec-50af-4813-90c9-4d5e57b6172c/2/desktop/generate/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/7dfd55ec-50af-4813-90c9-4d5e57b6172c/2/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Ftotalcsgo.com%2F&eu=true&country=FR&hour=9&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://totalcsgo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://totalcsgo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 05 Sep 2022 09:23:45 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
sKFoyY-V1EVh0kMzcdbL-HsffbWsuT9CA95g5jVL-1UUEW0Yntt0bg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
css
fonts.googleapis.com/
60 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr._s2MSQdeVqY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMywldI3ZQSxNfiuxJee03F-txe-8g/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1a81488296b841fda61a06523b215eed80046e5ab85fb894fc51d9528048160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 09:23:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 09:23:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 09:23:45 GMT
AGSKWxXIsGc9DlMS6fS4b-cfRZ_B6pXQtYovPBswAdLnGONK2Kwhyw4krvYo1oBAY7Vl34Pux0HP4vjhJC9iPupz6IksZiQ7sLb-98AGNY5rmNAIuD7dSUSwnvAh5G6IL-tGZxMVxGIOaQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXIsGc9DlMS6fS4b-cfRZ_B6pXQtYovPBswAdLnGONK2Kwhyw4krvYo1oBAY7Vl34Pux0HP4vjhJC9iPupz6IksZiQ7sLb-98AGNY5rmNAIuD7dSUSwnvAh5G6IL-tGZxMVxGIOaQ==?dmid=7ee9cbbe8dbf3fdf
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr._s2MSQdeVqY.es5.O/d=1/rs=AJlcJMywldI3ZQSxNfiuxJee03F-txe-8g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bi7yAbih_uai37_TszEsgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://totalcsgo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-bi7yAbih_uai37_TszEsgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://totalcsgo.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:32:16 GMT
x-content-type-options
nosniff
age
305489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 20:32:16 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://totalcsgo.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
570791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 18:50:34 GMT
3.071a3bdd9711b74edbd4-video-loader2-cr.js
cdn.avantisvideo.com/js/
22 KB
8 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/3.071a3bdd9711b74edbd4-video-loader2-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
vGDGbENE468pAhP.jbDfEWCVTKLZO.Eo
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 07:12:04 GMT
server
AmazonS3
age
27868
etag
W/"97f2ecd515fcc6a9d26763251ef08b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
date
Mon, 05 Sep 2022 01:39:18 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
n_02OgA5n6qPh2SWA78-0kZ1SYDf_lAL2BhnBUKvMkjEqi2FdEquIQ==
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/
2 B
765 B
Script
General
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.071a3bdd9711b74edbd4-video-loader2-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Mon, 05 Sep 2022 09:23:45 GMT
X-GUploader-UploadID
ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Mon, 05 Sep 2022 09:53:45 GMT
aniview.js
player.aniview.com/script/6.1/
28 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=7dfd55ec-50af-4813-90c9-4d5e57b6172c&tagId=2&subId=&callback=avantisCallBack
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
122879f9ef49d7193bb88733d44188ff5685a0643ebcf6c990cf1869941fce8d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds0y38uRe0y1revKSmnSbllrIqfnwlOah_l-d-K5ZaSdTR5fGvgT4JtO-HPS-H7n3vuumtwLN3Mdo9xcD89YpDxRA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9907
last-modified
Mon, 05 Sep 2022 05:26:06 GMT
server
UploadServer
etag
"e48135047b28da4599b89436b1ac8d13"
vary
Accept-Encoding
x-goog-hash
crc32c=jXmj2A==, md5=5IE1BHso2kWZuJQ2sayNEw==
x-goog-generation
1662355566662629
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9907
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:45 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame FBAE
388 KB
110 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7a40a463b00a11829a0e510859c76b9754429b9f2b6041208182f2afb4c718ab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:45 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduXzhdCf823X6fQNJFDrOvq0dpSdYwB7orBHywvhYo0kR7YPBScFHTHKE7ZFhMRGom-S_N2ZwjoTrf8r67b4HmntmuP8fm0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112108
last-modified
Mon, 05 Sep 2022 05:26:06 GMT
server
UploadServer
etag
"9c554c8926491b040b9c4a94b0f974fb"
vary
Accept-Encoding
x-goog-hash
crc32c=OL8ECg==, md5=nFVMiSZJGwQLnEqUsPl0+w==
x-goog-generation
1662355566662413
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112108
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:45 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=totalcsgo.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.53&apppkg=&fv=3&proto=https&clsid=83daf360-3d53-49d5-af3a-6b660993b3b1&rando=43&pid=5b9a2b7e28a061736f4ace3e&cid=5cc6f848073ef44f795cfa54&stagid=&stplid=&e=inventory&vi=100&cb=1662369826069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/
30 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Ftotalcsgo.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5b9a2b7e28a061736f4ace3e&AV_CHANNELID=5cc6f848073ef44f795cfa54&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=totalcsgo.com&AV_DADPOS=3&d36=6.2.53&responsive=1&sver=2&avtoken=826069&omv=1.0.1&clsid=83daf360-3d53-49d5-af3a-6b660993b3b1&rando=43&AV_WIDTH=400&AV_HEIGHT=225&AV_CCPA=1---&AV_DNT=0&cb=1662369826095&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.43.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-43-174.compute-1.amazonaws.com
Software
/
Resource Hash
d6ee51ef33f0732a5b60e9a7150401326926605c43beed162ef51d2cf9632e37

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 24 Aug 2022 19:37:06 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.5.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-5-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
cookiesyncendpoint
sync.aniview.com/ Frame D6CF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1662369826368-991016545326-007499-009-005816%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=55&key=3924819587469134317
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=55&key=3924819587469134317
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.241.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-241-119.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 09:23:46 GMT

Redirect headers

AN-X-Request-Uuid
0d687a04-dd61-4b62-a8d9-7aae62cc61cb
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Sep 2022 09:23:46 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=55&key=3924819587469134317
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.59.164.108; 37.59.164.108; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
pixel
ap.lijit.com/ Frame D649
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Mon, 05 Sep 2022 09:23:46 GMT
pod
X-Sovrn-Pod: ad_ap7ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame BC9A
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
0
date
Mon, 05 Sep 2022 09:23:46 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
services
sync.technoratimedia.com/ Frame 467A
0
0
Document
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1662369826368-991016545326-007499-009-005816&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://totalcsgo.com/
age
0
date
Mon, 05 Sep 2022 09:23:46 GMT
server
nginx
via
1.1 varnish
x-varnish
673943014
cookiesyncendpoint
sync.aniview.com/ Frame 7B52
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=200&key=OPTOUT
0
200 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.241.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-241-119.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 09:23:46 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 05 Sep 2022 09:23:46 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=200&key=OPTOUT
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CFEE
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119480
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 09:23:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 06 Sep 2022 18:35:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 9C25
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=56&pid=59c9148628a0612da3689288&key=a5550e56-6179-4211-9869-6f0d15e87d53
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=56&pid=59c9148628a0612da3689288&key=a5550e56-6179-4211-9869-6f0d15e87d53
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.241.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-241-119.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
0
date
Mon, 05 Sep 2022 09:23:46 GMT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
745de8781c36d512-CDG
content-length
0
date
Mon, 05 Sep 2022 09:23:46 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662369826368-991016545326-007499-009-005816&biddername=56&pid=59c9148628a0612da3689288&key=a5550e56-6179-4211-9869-6f0d15e87d53
server
cloudflare
cm
u.openx.net/w/1.0/ Frame 316E
43 B
304 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 05 Sep 2022 09:23:46 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
178 KB
54 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds_YyvkSUnTufqj4XsZtFAGSl8lFCMaarl4ForxDNutpelgjtmjbaOT9vpvYIcuSmU3AmHfMTzffx1hJg3DC6kix8kLZwQD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"6aaf2d6f81db16a19b9a8702200ece8f"
vary
Accept-Encoding
x-goog-hash
crc32c=ABPkGg==, md5=aq8tb4HbFqGbmocCIA7Ojw==
x-goog-generation
1662355567182175
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
73 KB
25 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu_9EZRh1A9wjPh1AUbvgqUz6hyP-WzIkaI4xWm94n0oqnoIXco6gbT2n_MBZ2MzSTwKCHD1BWJfRf9q7MHBy_-Nr3IoHMA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24663
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"443235b30dfca332fbe982d211a2f025"
vary
Accept-Encoding
x-goog-hash
crc32c=ehhcow==, md5=RDI1sw38ozL76YLSEaLwJQ==
x-goog-generation
1662355567347498
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24663
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
71 KB
22 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduXKKTKlaWoLIxkEKjrKHZKsqzVvrhorDXKTKuimBtfxE76cajdsER3CvwMifNluSHZjbk-4BQ5aE3pnU9LX0i0FA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"4c39c186ab65125b12a0ce1ab17e5c2f"
vary
Accept-Encoding
x-goog-hash
crc32c=od4CoQ==, md5=TDnBhqtlElsSoM4asX5cLw==
x-goog-generation
1662355567434596
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
avpb6.27.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
66 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a5.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
71c7a28033b54fac3e87f3a39b87107be7026ef9180043d997dd7a6cec45bdc6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvsqmQH5zK9pMFRvW6c8YQV-e4LUOvI8AV_gsKSIyhWVZCrcCnyHxsDDuAi3VHqhqgCQXljuA63I4BbkFzak-eVATjGEEDS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20346
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"3f4655277706d78f482269f7f248bb93"
vary
Accept-Encoding
x-goog-hash
crc32c=YkYOhQ==, md5=P0ZVJ3cG149IImn38ki7kw==
x-goog-generation
1662355567441028
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20346
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
avpb6.27.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtjcK95Wf_s6T8KhkZj33_hMFwGEeN3lxONipcx9eAdWvfmYqq_Pua67xsvV1MyW7XjQacMX57rq0rIE-uju0f0PA6QnaKI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22756
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"3d41b00647407654b6e10472f7383ca5"
vary
Accept-Encoding
x-goog-hash
crc32c=8wBOTg==, md5=PUGwBkdAdlS24QRy9zg8pQ==
x-goog-generation
1662355567445551
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22756
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
avpb6.27.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
66 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsPza884M0Hoj_wW4Duuk1KpQoDFKQnfgt18e-mPWQQRTqrWzv286WgZRI_Ke_dQaBg5_haAwZI8Jln-L5T68XkxLMqRJlB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20155
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"19ef1bb54bb174173ff91d8a198fdcc3"
vary
Accept-Encoding
x-goog-hash
crc32c=ISjrfQ==, md5=Ge8btUuxdBc/+R2KGY/cww==
x-goog-generation
1662355567432736
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20155
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
avpb6.27.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame FBAE
68 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6PwWLNRSP-aSAKBGFe-d_KK7aJRpRQTcgRkWcwjoMiUrD44z5CXTg_maFhCUDAa1JAUOn__13HZZYtanMRXn8abX130JH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20618
last-modified
Mon, 05 Sep 2022 05:26:07 GMT
server
UploadServer
etag
"1813d77e9427eaefce57cdbad843e4ab"
vary
Accept-Encoding
x-goog-hash
crc32c=VcuCBQ==, md5=GBPXfpQn6u/OV8262EPkqw==
x-goog-generation
1662355567432935
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20618
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 05 Sep 2022 09:28:46 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=FR&cos=Windows&r=totalcsgo.com&rs=totalcsgo.com&sid=78308&t=1662369826&cip=37.59.164.108&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5b9a2b7e28a061736f4ace3e&test=&aafaid=&proto=https&uid=1662369826368-991016545326-007499-009-005816&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=51434395118&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5b9a2b7e28a061736f4ace3e&nid=59918a0e073ef4782e4e347f&pcid=5cc6f848073ef44f795cfa54&ncid=5b9a3b99073ef42b8127d4d3&pasid=5b9a3bf828a06163513199bd&e=request&cb=1662369826532&asid=612ce47992b2725e356703a1%2C6076b4e85e117063a325dec4%2C62ca9ac54a0b4664a4667765%2C62c198634a3bc16a441d3fe4%2C62c6902db824516ceb0eb9b6%2C62efcd95c6419e5bfc180174%2C6249a5656dd5b95228314844%2C61e6d647f17a026d515fa5e4%2C62f3c4af50ab0854bb11fe84%2C622f6256f66a1f4e730a894c&ofpr=%2C%2C1.22%2C0.8%2C0.39%2C0.24%2C0.2%2C0.19%2C0.12%2C0.15&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=FR&cos=Windows&r=totalcsgo.com&rs=totalcsgo.com&sid=78308&t=1662369826&cip=37.59.164.108&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5b9a2b7e28a061736f4ace3e&test=&aafaid=&proto=https&uid=1662369826368-991016545326-007499-009-005816&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=51434395118&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5b9a3b99073ef42b8127d4d3&ncid=6252cd490f4ad400b27f24ae&coasid=6283c468be64aa212f733aa7&e=request&cb=1662369826532&asid=62b1a8bfecf705053613baab%2C6252bf57e35a4e32222ec526%2C6252c41a4d38992da0433725%2C6252bbfbfd9d9c406636fb4b&ofpr=%2C4%2C4%2C3.5&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://totalcsgo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://totalcsgo.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 05 Sep 2022 09:23:46 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/
0
407 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 09:23:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/
55 B
416 B
XHR
General
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Ftotalcsgo.com%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,7802,1,,,!spotim.market,isp_avantis,1,,,&transactionId=7c388170-9a5c-41b9-8dda-604813c9b365&floor=USD:0.39&referrer=https%3A%2F%2Ftotalcsgo.com%2F&us_privacy=1---&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:531b:ba46:2780:d8f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5dcc1735474a98a531343911d4c5196bda36e01141027ed7b2a6c357b0fd0bcc

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/
55 B
415 B
XHR
General
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Ftotalcsgo.com%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,7802,1,,,!spotim.market,isp_avantis,1,,,&transactionId=4558b2a1-8edc-454a-9c6f-29d256af7b42&floor=USD:0.8&referrer=https%3A%2F%2Ftotalcsgo.com%2F&us_privacy=1---&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:531b:ba46:2780:d8f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8fe2dbf7ccecbc07900b1c438de18ebdc7dc3267a7d9537c4054bc334d2aa86c

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 09:23:47 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
prebid
ib.adnxs.com/ut/v3/
138 B
982 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e52ea35afd3f9f36bedd5c5fb19b64cfdf60e9d5fcf8a369557bee46d436c44f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 09:23:46 GMT
X-Proxy-Origin
37.59.164.108; 37.59.164.108; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ad7ec179-029e-44fc-a553-d144bf03a973
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://totalcsgo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-multi
hb.yellowblue.io/
105 B
409 B
XHR
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.6.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-6-120.compute-1.amazonaws.com
Software
/
Resource Hash
1f50ee43fe3f8dbd0e06f9a4c68ed68e86dba9ad5764db4021692e59b978a895

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://totalcsgo.com
x-reason
maxmind hosting provider
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
ib.adnxs.com/ut/v3/
19 B
862 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 09:23:46 GMT
X-Proxy-Origin
37.59.164.108; 37.59.164.108; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9998ec33-da2e-485d-aa05-aad558405639
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://totalcsgo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
406 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.210.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
39036574cf74a893d221562c1067902028361630ee53faabef752385271d7b30

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
prebid
ib.adnxs.com/ut/v3/
139 B
983 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4de244ad01efdbc63f4b3933ab5e56f717ffa262b517f61ccf827db7ca1b5924
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 09:23:46 GMT
X-Proxy-Origin
37.59.164.108; 37.59.164.108; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
90a13df0-2547-4d59-b494-b4b47283efa3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://totalcsgo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/
95 B
728 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2218e085c9f39224a%22%3A%22c6e8062ccb6415eb790f%7C%7Cf%3D0.15%22%7D&ref=https%3A%2F%2Ftotalcsgo.com%2F&s=52ea48cf-ce35-4a6b-a15f-5aaa7a22784b&pv=e21182d7-1b2f-4d55-9f23-f236db671e00&vp=mobile&lib_name=prebid&lib_v=6.27.0&us=5&ius=1&us_privacy=1---&coppa=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
eee9578a0c00321fb5daa08be8eeb9126b43a668fe697e65ff7041e2e7599e13
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 09:23:46 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-88
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://totalcsgo.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
187 B
408 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.210.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c4eb66bac7fdbe5d9a698f8b8bc3e5e2bca20e5cf19a898d5c58f7de79615950

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 09:23:46 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://totalcsgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
prebid-request
onetag-sys.com/
15 B
360 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://totalcsgo.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PugMaster
image6.pubmatic.com/AdServer/ Frame CFEE
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87985626&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662369826368-991016545326-007499-009-005816%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:46 GMT
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=FR&cos=Windows&r=totalcsgo.com&rs=totalcsgo.com&sid=78308&t=1662369826&cip=37.59.164.108&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5b9a2b7e28a061736f4ace3e&test=&aafaid=&proto=https&uid=1662369826368-991016545326-007499-009-005816&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=51434395118&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5b9a2b7e28a061736f4ace3e&nid=59918a0e073ef4782e4e347f&pcid=5cc6f848073ef44f795cfa54&ncid=5b9a3b99073ef42b8127d4d3&pasid=5b9a3bf828a06163513199bd&e=bid&cb=1662369827138&asid=612ce47992b2725e356703a1%2C6076b4e85e117063a325dec4&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=FR&cos=Windows&r=totalcsgo.com&rs=totalcsgo.com&sid=78308&t=1662369826&cip=37.59.164.108&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5b9a2b7e28a061736f4ace3e&test=&aafaid=&proto=https&uid=1662369826368-991016545326-007499-009-005816&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=51434395118&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5b9a3b99073ef42b8127d4d3&ncid=6252cd490f4ad400b27f24ae&coasid=6283c468be64aa212f733aa7&e=bid&cb=1662369827138&asid=62b1a8bfecf705053613baab&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://totalcsgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:23:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame EDAB
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
16508
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Sep 2022 09:23:47 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 176434
X-Served-By
cache-lga21976-LGA, cache-cdg20731-CDG
X-Timer
S1662369828.702380,VS0,VE0
/
onetag-sys.com/usync/ Frame 515E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1662369826710&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 05E6
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://totalcsgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Sep 2022 09:23:47 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame EDAB
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Sep 2022 09:23:47 GMT
X-Proxy-Origin
37.59.164.108; 37.59.164.108; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e77b5d1a-7439-48b8-941b-05d14f74fea7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 05E6
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 05 Sep 2022 09:23:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22835
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 05 Sep 2022 15:44:22 GMT
khaos.jpg
token.rubiconproject.com/ Frame 05E6
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=FR&cos=Windows&r=totalcsgo.com&rs=totalcsgo.com&sid=78308&t=1662369826&cip=37.59.164.108&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5b9a2b7e28a061736f4ace3e&test=&aafaid=&proto=https&uid=1662369826368-991016545326-007499-009-005816&cha=0.7&stagid=&stplid=&d35=&d36=6.2.53&cb=51434395118&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5b9a2b7e28a061736f4ace3e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://totalcsgo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 05 Sep 2022 09:23:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0


119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| directAvantis function| gtag object| dataLayer string| adConfigUrl string| takeoverScheduleUrl boolean| adsEnabled boolean| avantisEnabled object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setClipboard function| copyTextArea object| currentBindUuid function| changeBind function| getChangeBindDiv function| getBoundToDiv function| getTextArea function| updateBind object| bindableKeys function| getBindableKeys boolean| tcvTable function| switchTCV object| originalCardHtml object| originalTableHtml function| tcvSearch object| currentPopover function| setNavMargin function| adjustSkin function| trackClick function| _createForOfIteratorHelperLoose function| _unsupportedIterableToArray function| _arrayLikeToArray function| _defineProperty object| data object| keyboard object| mouse function| searchObj function| createElement function| copyToClipboard function| BindGenerator function| defer function| SkinTradingSite object| googletag object| pbjs number| PREBID_TIMEOUT object| adConfig function| setAdConfig function| setupAdDependencies function| setupAdUnits function| loadAdUnitsOnPage function| initAdserver object| adUnits function| getAdUnitById function| AdUnit function| setupPrebidConfig function| callTrigger function| avantisCallBack boolean| debug object| urlParams boolean| adsHaveBeenLoaded function| loadAds function| $ function| jQuery object| bootstrap object| Cookies function| Color function| Chart function| pbjsChunk function| bowser object| webVitals object| regeneratorRuntime function| __d3lUW8vwsKlB__ object| googlefc object| avntsWebpackJsonp 
object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef object| Y2VmZGJiZGFjYjBmYmVkYWxvYWRlcl9qcw== string| Y2VmZGJiZGFjYjBmYmVkYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| ggeac boolean| google_plmetrics object| google_js_reporting_queue number| avnts_player undefined| google_measure_js_timing object| avntsQ function| avPlayer object| storageAni

12 Cookies

Domain/Path Name / Value
.totalcsgo.com/ Name: _ga
Value: GA1.2.861092690.1662369825
.totalcsgo.com/ Name: _gid
Value: GA1.2.1598344741.1662369825
.totalcsgo.com/ Name: _gat_gtag_UA_117981069_13
Value: 1
totalcsgo.com/ Name: sitetakeover-key
Value: desktop-skin
.aniview.com/ Name: aniC
Value:
.adnxs.com/ Name: uuid2
Value: 3924819587469134317
.csync.loopme.me/ Name: viewer_token
Value: a5550e56-6179-4211-9869-6f0d15e87d53
totalcsgo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.go.sonobi.com/ Name: HAPLB8A
Value: s8588|YxW9p

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
