rollskin.ru Open in urlscan Pro
185.178.208.152  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request navi Show response rollskin.ru/	22 KB 4 KB	291ms 155ms	Document text/html	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash ec19347502f390f0df2ebfdc477c95db710e29aef5ba241fc7f716daeccf6b2a Request headers :method GET :authority rollskin.ru :scheme https :path /navi pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server ddos-guard set-cookie __ddg1=xFX72JVn1J4SGyhhpxYx; Domain=.rollskin.ru; HttpOnly; Path=/; Expires=Fri, 24-Jun-2022 12:36:43 GMT lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; expires=Thu, 01-Jul-2021 12:36:42 GMT; Max-Age=604800; path=/; httponly _TDG=ff6d0c59db4fe6bdf516128e2dff713f;Path=/ date Thu, 24 Jun 2021 12:36:44 GMT content-type text/html; charset=UTF-8 cache-control no-cache, private content-encoding gzip
GET H2	200	app.css rollskin.ru/assets/landings/navigiveaway/css/	114 KB 14 KB	151ms 149ms	Stylesheet text/css	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://rollskin.ru/assets/landings/navigiveaway/css/app.css Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f8cb3e021a8485f8081b49d8e2cb5b5c14641ec168c222c3163daf1892156ac9 Request headers :path /assets/landings/navigiveaway/css/app.css pragma no-cache cookie __ddg1=xFX72JVn1J4SGyhhpxYx; lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; _TDG=ff6d0c59db4fe6bdf516128e2dff713f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method GET Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 24 Jun 2021 12:36:44 GMT content-encoding gzip last-modified Tue, 01 Dec 2020 20:06:17 GMT server ddos-guard age 0 etag W/"5fc6a239-1c89a" content-type text/css set-cookie _TDG=ff6d0c59db4fe6bdf516128e2dff713f;Path=/
GET H2	200	auth.js Show response rollskin.ru/api/js/	12 KB 4 KB	41ms 39ms	Script application/javascript	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://rollskin.ru/api/js/auth.js?id=e4ad1ff Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 0d6e2381edc983d964000402f8113648e012b59e55db9c3addb93ea75a146ebd Request headers :path /api/js/auth.js?id=e4ad1ff pragma no-cache cookie __ddg1=xFX72JVn1J4SGyhhpxYx; lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; _TDG=ff6d0c59db4fe6bdf516128e2dff713f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method GET Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 23 Jun 2021 21:23:48 GMT content-encoding gzip last-modified Wed, 16 Jun 2021 00:03:20 GMT server ddos-guard age 54775 etag W/"60c93fc8-2ea0" content-type application/javascript content-length 4004
GET H2	200	navi.png rollskin.ru/assets/landings/navigiveaway/img/	111 KB 111 KB	53ms 41ms	Image image/png	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://rollskin.ru/assets/landings/navigiveaway/img/navi.png Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash dfd41605a51c398abc5aa914571667445485997aa742fe0ed247b6c69abfb1a4 Request headers :path /assets/landings/navigiveaway/img/navi.png pragma no-cache cookie __ddg1=xFX72JVn1J4SGyhhpxYx; lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; _TDG=ff6d0c59db4fe6bdf516128e2dff713f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method GET Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 24 Jun 2021 11:56:09 GMT last-modified Tue, 01 Dec 2020 20:06:17 GMT server ddos-guard age 2435 etag "5fc6a239-1bc7b" content-type image/png accept-ranges bytes content-length 113787
GET H2	200	team.png rollskin.ru/assets/landings/navigiveaway/img/	2 MB 2 MB	58ms 57ms	Image image/png	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://rollskin.ru/assets/landings/navigiveaway/img/team.png Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash c9507db032972b6572e2fed980f08f6eccc0da9d3c4f6e94908f78b6b01881ee Request headers :path /assets/landings/navigiveaway/img/team.png pragma no-cache cookie __ddg1=xFX72JVn1J4SGyhhpxYx; lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; _TDG=ff6d0c59db4fe6bdf516128e2dff713f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method GET Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 24 Jun 2021 12:02:56 GMT last-modified Tue, 01 Dec 2020 20:06:17 GMT server ddos-guard age 2028 etag "5fc6a239-201370" content-type image/png set-cookie __ddgid=XS1MVZ9sdi0knWLz; Domain=.rollskin.ru; HttpOnly; Path=/; Expires=Fri, 24-Jun-2022 12:36:43 GMT __ddgmark=gpTvZE9Hwz9I85MT; Domain=.rollskin.ru; HttpOnly; Path=/; Expires=Fri, 25-Jun-2021 12:36:43 GMT accept-ranges bytes content-length 2102128
GET H2	200	case.png rollskin.ru/assets/landings/navigiveaway/img/	199 KB 200 KB	93ms 91ms	Image image/png	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://rollskin.ru/assets/landings/navigiveaway/img/case.png Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 92f2a931d5813c28ca1d0f023502c0d0b833102c1a2c23df2114f13b39910a67 Request headers :path /assets/landings/navigiveaway/img/case.png pragma no-cache cookie __ddg1=xFX72JVn1J4SGyhhpxYx; lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; _TDG=ff6d0c59db4fe6bdf516128e2dff713f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method GET Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 22 Jun 2021 08:00:51 GMT last-modified Tue, 01 Dec 2020 20:06:17 GMT server ddos-guard age 189354 etag "5fc6a239-31d84" content-type image/png accept-ranges bytes content-length 204164
GET H2	200	steam.svg rollskin.ru/assets/landings/navigiveaway/img/	1 KB 659 B	93ms 91ms	Image image/svg+xml	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://rollskin.ru/assets/landings/navigiveaway/img/steam.svg Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash ccdf1d79075f6e30f0514c7018a94663a956c850ab4a8f8e7513ce05b171f6a9 Request headers :path /assets/landings/navigiveaway/img/steam.svg pragma no-cache cookie __ddg1=xFX72JVn1J4SGyhhpxYx; lumen_session=PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj; _TDG=ff6d0c59db4fe6bdf516128e2dff713f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method GET Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 24 Jun 2021 12:02:56 GMT content-encoding br last-modified Tue, 01 Dec 2020 20:06:17 GMT server ddos-guard age 2028 etag W/"5fc6a239-4e0" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 578
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/	86 KB 28 KB	30ms 15ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://rollskin.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 24 Jun 2021 12:36:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 562254 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 27748 cf-request-id 0adf9edf0d00000eb3c386f000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wGSIIv2m7J8v4PJmFzQvWEjIFcQCMxoWOvyJA42jzAWgdS3nht5tTl%2BpFOp8KevYUEP3uQ6E3MuAl6OdeRqbD75LjLNO9CbrNPYS0RluIR%2FNa%2FTkSCLJJacdCuLAdJrDL7ZsZPGs1l3WpO5yqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 664600de7e080eb3-FRA expires Tue, 14 Jun 2022 12:36:43 GMT
GET H3-29	200	vue.min.js Show response cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/	91 KB 31 KB	44ms 23ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js Requested by Host: rollskin.ru URL: https://rollskin.ru/navi Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://rollskin.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 24 Jun 2021 12:36:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 585428 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 30730 cf-request-id 0adf9edf3f00001f19bcbf6000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb0402c-16de6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PTk%2FWO%2FGVCVqPlWYHkfmlYtl18fTJXneIXDzpKK3laI4S4QqJ5agfKGiu2yZkSBHWoDOPJk40hgh%2BVuHO1uWBrbcsvozcYO66ZI3htDw1QMQ%2FYh4hB2NUHIda%2BjgjZqTg7N8omTvKOwKLGSaoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 664600decd2a1f19-FRA expires Tue, 14 Jun 2022 12:36:43 GMT
GET H2	200	css fonts.googleapis.com/	1 KB 520 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Barlow:700&display=swap Requested by Host: rollskin.ru URL: https://rollskin.ru/assets/landings/navigiveaway/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ba451f6506ef4f577c819a94b7dd57ad4d453a7e9b3d84b9a3eb256cf67f979c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://rollskin.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 24 Jun 2021 12:27:19 GMT server ESF date Thu, 24 Jun 2021 12:36:44 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 24 Jun 2021 12:36:44 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 628 B	24ms 24ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=IBM+Plex+Sans&display=swap Requested by Host: rollskin.ru URL: https://rollskin.ru/assets/landings/navigiveaway/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d766278d535728e8abeaf475ab6ec86ed40fa6ad6d8cf03502620abd57544974 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://rollskin.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 24 Jun 2021 11:58:59 GMT server ESF date Thu, 24 Jun 2021 12:36:44 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 24 Jun 2021 12:36:44 GMT
GET H2	200	7cHqv4kjgoGqM7E3t-4s51os.woff2 fonts.gstatic.com/s/barlow/v5/	21 KB 21 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow:700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://rollskin.ru Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 22 Jun 2021 20:41:08 GMT x-content-type-options nosniff age 143736 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21080 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:05:19 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Jun 2022 20:41:08 GMT
GET H2	200	zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 fonts.gstatic.com/s/ibmplexsans/v8/	17 KB 17 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://rollskin.ru Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 22 Jun 2021 18:46:28 GMT x-content-type-options nosniff age 150616 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17784 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:07:20 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Jun 2022 18:46:28 GMT
POST H2	500	analytics Show response rollskin.ru/	831 B 776 B	155ms 155ms	XHR text/html	185.178.208.152 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://rollskin.ru/analytics Requested by Host: rollskin.ru URL: https://rollskin.ru/api/js/auth.js?id=e4ad1ff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.152 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f1d7dc82616bea86e20962da8a09b76d334cf78e5d45f6837543a34439a0587f Request headers sec-fetch-mode cors origin https://rollskin.ru accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty content-length 136 :path /analytics pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type multipart/form-data; boundary=----WebKitFormBoundaryYD8J2u6QlT6Q3wmz accept */* cache-control no-cache :authority rollskin.ru referer https://rollskin.ru/navi :scheme https sec-fetch-site same-origin :method POST Referer https://rollskin.ru/navi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryYD8J2u6QlT6Q3wmz Response headers date Thu, 24 Jun 2021 12:36:54 GMT cache-control no-cache, private server ddos-guard set-cookie __ddg1=AszMWeVqOAueYv29rGV7; Domain=.rollskin.ru; HttpOnly; Path=/; Expires=Fri, 24-Jun-2022 12:36:53 GMT lumen_session=nynGvu6lCCdF4jStrBu6JQV47XeWBIxEpr7PL0Cw; expires=Thu, 01-Jul-2021 12:36:53 GMT; Max-Age=604800; path=/; httponly content-encoding br vary Accept-Encoding content-type text/html; charset=UTF-8

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| JetManager function| $ function| jQuery function| Vue boolean| started object| shufflePattern undefined| ls_shuffle function| r_start

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rollskin.ru/	1970-01-19 19:17:06	Name: __ddgmark Value: gpTvZE9Hwz9I85MT
			rollskin.ru/	1969-12-31 23:59:59	Name: _TDG Value: ff6d0c59db4fe6bdf516128e2dff713f
			rollskin.ru/	1970-01-19 19:25:43	Name: lumen_session Value: PL0VJg5UQudRZVG1N2e4vxuKPsZByPh7FiWA0xQj
			.rollskin.ru/	1970-01-20 04:01:16	Name: __ddgid Value: XS1MVZ9sdi0knWLz
			.rollskin.ru/	1970-01-20 04:01:14	Name: __ddg1 Value: xFX72JVn1J4SGyhhpxYx

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
rollskin.ru
185.178.208.152
2606:4700::6810:135e
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d6e2381edc983d964000402f8113648e012b59e55db9c3addb93ea75a146ebd
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
92f2a931d5813c28ca1d0f023502c0d0b833102c1a2c23df2114f13b39910a67
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
ba451f6506ef4f577c819a94b7dd57ad4d453a7e9b3d84b9a3eb256cf67f979c
c9507db032972b6572e2fed980f08f6eccc0da9d3c4f6e94908f78b6b01881ee
ccdf1d79075f6e30f0514c7018a94663a956c850ab4a8f8e7513ce05b171f6a9
d766278d535728e8abeaf475ab6ec86ed40fa6ad6d8cf03502620abd57544974
dfd41605a51c398abc5aa914571667445485997aa742fe0ed247b6c69abfb1a4
ec19347502f390f0df2ebfdc477c95db710e29aef5ba241fc7f716daeccf6b2a
f1d7dc82616bea86e20962da8a09b76d334cf78e5d45f6837543a34439a0587f
f8cb3e021a8485f8081b49d8e2cb5b5c14641ec168c222c3163daf1892156ac9