skins.cash Open in urlscan Pro
45.60.242.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjkjbHEwM2AAxXNPQYAHcrTB7oYABAAGgJ3cw&gclid=Cj0KCQjwz8emBhDrARIsANNJjS...
Effective URL:
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_...
Submission: On August 08 via manual (August 8th 2023, 4:41:46 pm UTC) from IT — Scanned from IT

Summary HTTP 188 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 31 domains to perform 188 HTTP transactions. The main IP is 45.60.242.147, located in United States and belongs to INCAPSULA, US. The main domain is skins.cash.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on July 19th 2023. Valid for: 6 months.

This is the only time skins.cash was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
44	45.60.242.147 45.60.242.147	19551 (INCAPSULA) (INCAPSULA)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
6	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
2	65.9.66.58 65.9.66.58	16509 (AMAZON-02) (AMAZON-02)
3	104.18.215.59 104.18.215.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.36.163.100 23.36.163.100	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
5	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	52.222.139.110 52.222.139.110	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
5	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
4	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
5	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	13.227.219.71 13.227.219.71	16509 (AMAZON-02) (AMAZON-02)
5	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	52.222.206.178 52.222.206.178	16509 (AMAZON-02) (AMAZON-02)
8	23.36.162.25 23.36.162.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 12	172.66.43.179 172.66.43.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.36.162.71 23.36.162.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.18.20.100 104.18.20.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.30.181 104.18.30.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	104.18.22.52 104.18.22.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	95.101.22.227 95.101.22.227	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.36.228.142 52.36.228.142	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1 2	2.21.20.141 2.21.20.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.48.23.147 23.48.23.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.18.8.67 104.18.8.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.0.174.249 23.0.174.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	193.108.153.23 193.108.153.23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	193.108.153.16 193.108.153.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.48.23.132 23.48.23.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	146.75.118.113 146.75.118.113	54113 (FASTLY) (FASTLY)
8	95.101.111.185 95.101.111.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	147.160.183.35 147.160.183.35	396986 (BYTEDANCE) (BYTEDANCE)
2	2.16.241.209 2.16.241.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	80.67.82.49 80.67.82.49	() ()
188	44

1 142.250.186.66 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 45.60.242.147 (United States)

ASN19551 (INCAPSULA, US)

skins.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-58.fra56.r.cloudfront.net

cdn.skins.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.215.59 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.100 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-100.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-110.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.228 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-71.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-178.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.66.43.179 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

js.gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.162.71 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-71.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.100 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fraudjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.30.181 (None, )

ASN13335 (CLOUDFLARENET, US)

widget.gleamjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.22.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.22.227 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-22-227.deploy.static.akamaitechnologies.com

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.228.142 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-228-142.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.141 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-141.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.23.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-147.deploy.static.akamaitechnologies.com

lf16-tiktok-web.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.8.67 (None, )

ASN13335 (CLOUDFLARENET, US)

user-assets.out.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.0.174.249 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-0-174-249.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com

sf16-secsdk.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-16.deploy.static.akamaitechnologies.com

sf16-short-va.bytedapm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.132 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-132.deploy.static.akamaitechnologies.com

p16-sign-va.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.113 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

v19-web-newkey.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.111.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-185.deploy.static.akamaitechnologies.com

mcs-va-useast2a.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.160.183.35 (United States)

ASN396986 (BYTEDANCE, US)

mon-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.241.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-209.deploy.static.akamaitechnologies.com

vmweb-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.67.82.49 (None, )

ASN- ()

mssdk-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	skins.cash skins.cash cdn.skins.cash	1 MB
13	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1923 ka-p.fontawesome.com — Cisco Umbrella Rank: 3484	307 KB
13	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5199 api.livechatinc.com — Cisco Umbrella Rank: 4838 secure.livechatinc.com — Cisco Umbrella Rank: 6511 accounts.livechatinc.com — Cisco Umbrella Rank: 6556	380 KB
12	ttwstatic.com lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 16072 sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 6359 sf16-secsdk.ttwstatic.com — Cisco Umbrella Rank: 39673	1004 KB
12	gleam.io 2 redirects js.gleam.io — Cisco Umbrella Rank: 69952 gleam.io — Cisco Umbrella Rank: 57487	414 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2577	1 KB
8	tiktokv.com mcs-va-useast2a.tiktokv.com — Cisco Umbrella Rank: 30068	3 KB
7	tiktok.com 1 redirects analytics.tiktok.com — Cisco Umbrella Rank: 735 www.tiktok.com — Cisco Umbrella Rank: 3452	151 KB
6	byteoversea.com mon-va.byteoversea.com — Cisco Umbrella Rank: 5029 vmweb-va.byteoversea.com — Cisco Umbrella Rank: 25473 mssdk-va.byteoversea.com	5 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55 region1.google-analytics.com — Cisco Umbrella Rank: 1869	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	395 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	249 B
5	google.it www.google.it — Cisco Umbrella Rank: 20602	839 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 115	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	354 KB
3	tiktokcdn.com p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1128 v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 28761	3 MB
3	gstatic.com fonts.gstatic.com	104 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3725 api2.amplitude.com — Cisco Umbrella Rank: 1671	22 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	13 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3963 onesignal.com — Cisco Umbrella Rank: 1353	74 KB
2	bytedapm.com sf16-short-va.bytedapm.com — Cisco Umbrella Rank: 16776	25 KB
2	out.sh user-assets.out.sh — Cisco Umbrella Rank: 181963	1 MB
2	gleamjs.io widget.gleamjs.io — Cisco Umbrella Rank: 117444	364 KB
2	fraudjs.io cdn.fraudjs.io — Cisco Umbrella Rank: 215052	41 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 745 script.hotjar.com — Cisco Umbrella Rank: 967	59 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3010	160 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1468	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1326	8 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1271	49 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 166	875 B
188	31

	Domain	Requested by
44	skins.cash	skins.cash
12	ka-p.fontawesome.com	kit.fontawesome.com ka-p.fontawesome.com
8	mcs-va-useast2a.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
8	sf16-website-login.neutral.ttwstatic.com	www.tiktok.com sf16-website-login.neutral.ttwstatic.com sf16-secsdk.ttwstatic.com
8	gleam.io	2 redirects js.gleam.io skins.cash gleam.io widget.gleamjs.io
8	cdn.livechatinc.com	skins.cash secure.livechatinc.com
6	www.googletagmanager.com	skins.cash www.googleoptimize.com www.googletagmanager.com www.google-analytics.com
5	www.facebook.com	skins.cash connect.facebook.net
5	www.google.it	skins.cash
5	connect.facebook.net	skins.cash connect.facebook.net gleam.io
5	www.google-analytics.com	skins.cash
5	analytics.tiktok.com	skins.cash analytics.tiktok.com
4	js.gleam.io	skins.cash gleam.io
4	stats.g.doubleclick.net	www.googletagmanager.com skins.cash
4	region1.analytics.google.com	www.googletagmanager.com
4	www.google.com	www.googletagmanager.com skins.cash
3	mon-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
3	lf16-tiktok-web.ttwstatic.com	gleam.io www.tiktok.com
3	fonts.gstatic.com	fonts.googleapis.com
3	api.livechatinc.com	cdn.livechatinc.com
3	bat.bing.com	skins.cash bat.bing.com
2	vmweb-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
2	v19-web-newkey.tiktokcdn.com	www.tiktok.com
2	sf16-short-va.bytedapm.com	www.tiktok.com sf16-short-va.bytedapm.com
2	user-assets.out.sh	gleam.io
2	www.tiktok.com	1 redirects lf16-tiktok-web.ttwstatic.com sf16-website-login.neutral.ttwstatic.com
2	api2.amplitude.com	skins.cash
2	widget.gleamjs.io	gleam.io
2	cdn.fraudjs.io	gleam.io
2	cdn.onesignal.com	skins.cash cdn.onesignal.com
2	cdn.skins.cash	skins.cash
1	mssdk-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
1	p16-sign-va.tiktokcdn.com	www.tiktok.com
1	sf16-secsdk.ttwstatic.com	www.tiktok.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	platform.linkedin.com	gleam.io
1	fonts.googleapis.com	gleam.io
1	kit.fontawesome.com	gleam.io
1	cdn.amplitude.com	skins.cash
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	onesignal.com	cdn.onesignal.com
1	alb.reddit.com	skins.cash
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	adservice.google.com	www.googletagmanager.com
1	static.hotjar.com	skins.cash
1	www.redditstatic.com	skins.cash
1	www.googleoptimize.com	skins.cash
1	www.googleadservices.com	1 redirects
188	50

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
steamcommunity.com
www.instagram.com
t.me
www.tiktok.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-19` - `2024-01-15`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
cdn.skins.cash Amazon RSA 2048 M02	`2023-03-22` - `2024-04-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.google.it GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-09`	a year	crt.sh
gleam.io GTS CA 1P5	`2023-07-26` - `2023-10-24`	3 months	crt.sh
widget.gleamjs.io E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
cdn.fraudjs.io E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
out.sh E1	`2023-07-26` - `2023-10-24`	3 months	crt.sh
*.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-11` - `2023-12-12`	a year	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.bytedapm.com RapidSSL ECC CA 2018	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.tiktokcdn.com RapidSSL ECC CA 2018	`2023-07-13` - `2024-08-12`	a year	crt.sh
*.tiktokv.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-12` - `2023-09-12`	a year	crt.sh
*.byteoversea.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-08-02` - `2024-09-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Frame ID: BF002825B9079BC4A0CE14A260A0E37D
Requests: 119 HTTP requests in this frame

Frame: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Frame ID: 36B31023117FE14E23E552E5DB8C8955
Requests: 37 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 4DF1E38FDFF639384AA09F1B156217CA
Requests: 9 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Frame ID: A313DBD7DE8C1E0DB88D264CAD92109D
Requests: 2 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Frame ID: F2C39247CC2F544A53ADAD8E505A7312
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Giveaway: Get Free CS:GO Skins, Rust/TF2/Dota 2 Items | Skins.Cash | Skins.Cash

Page URL History Show full URLs

https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjkjbHEwM2AAxXNPQYAHcrTB7oYABAAGgJ3cw&gclid=Cj0KCQ... HTTP 302
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_ma... Page URL
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_ma... Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

188
Requests

97 %
HTTPS

0 %
IPv6

31
Domains

50
Subdomains

44
IPs

5
Countries

9099 kB
Transfer

20182 kB
Size

47
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/skins.cash
Title: go to facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Skins_Cash
Title: go to twitter

Search URL Search Domain Scan URL

URL: http://steamcommunity.com/groups/skinscash
Title: go to steam

Search URL Search Domain Scan URL

URL: https://www.instagram.com/skins.cash/
Title: go to instagram

Search URL Search Domain Scan URL

URL: https://t.me/SkinsCash
Title: go to telegram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@skins.cash
Title: go to tiktok

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjkjbHEwM2AAxXNPQYAHcrTB7oYABAAGgJ3cw&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&ohost=www.google.com&cid=CAESa-D2hbehOAczW29TjcnHsDN19SZfJDVkJMHSmmZmRONHAK8xA3oCZfVZlMnFcjXtLCZ1faS3EjCEIsVRj1L-82LNMzSAPe4DylV7zrBQmNz5wpYBQuC0KpYDAQETUmVu09UTGLHnhw1_U4d9&sig=AOD64_0VPBACfDsLs1BV4P6Vfw_nibSXFw&q&adurl&ved=2ahUKEwjcxanEwM2AAxVaXfEDHf0DCTA4KBDRDHoECAQQAQ HTTP 302
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB Page URL
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjkjbHEwM2AAxXNPQYAHcrTB7oYABAAGgJ3cw&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&ohost=www.google.com&cid=CAESa-D2hbehOAczW29TjcnHsDN19SZfJDVkJMHSmmZmRONHAK8xA3oCZfVZlMnFcjXtLCZ1faS3EjCEIsVRj1L-82LNMzSAPe4DylV7zrBQmNz5wpYBQuC0KpYDAQETUmVu09UTGLHnhw1_U4d9&sig=AOD64_0VPBACfDsLs1BV4P6Vfw_nibSXFw&q&adurl&ved=2ahUKEwjcxanEwM2AAxVaXfEDHf0DCTA4KBDRDHoECAQQAQ HTTP 302
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB

Request Chain 114

https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js HTTP 301
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js

Request Chain 136

https://gleam.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Request Chain 152

https://www.tiktok.com/embed.js HTTP 302
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

188 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

free-skins-giveaway Show response
skins.cash/
Redirect Chain

https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjkjbHEwM2AAxXNPQYAHcrTB7oYABAAGgJ3cw&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&o...
https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJ...

212 B
715 B

134ms
44ms

Document
text/html

45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.242.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: close
Content-Length: 212
Content-Type: text/html
X-Iinfo: 18-25816787-0 0NNN RT(1691512898460 43) q(0 -1 -1 1) r(0 -1) B10(4,314,0) U12

Redirect headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 16:41:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: adclick_server
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK _Incapsula_Resource Show response
skins.cash/ 198 KB
28 KB 125ms
47ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.cash/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.242.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5a83ed1f01ec22527c19a4447613ea01ddec093f6505257575b1c183323479a3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 28850
Content-Type: application/javascript

GET
H/1.1 200
OK _Incapsula_Resource
skins.cash/ 29 B
164 B 39ms
39ms XHR
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.cash/_Incapsula_Resource?SWHANEDL=408583560178330221,17715151602720309112,17632581731148340972,152295
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.242.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 29
Content-Type: application/javascript

GET
H/1.1 200
OK Primary Request free-skins-giveaway Show response
skins.cash/ 503 KB
103 KB 356ms
356ms Document
text/html 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB

Requested by

Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

cabe63a253de1fa09f8713dcaa367f34ab355b5081147c9b18a5e56563728892

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Aug 2023 16:41:39 GMT
ETag: W/"7db56-gp3Qdar1ehWint1gvQLNJ3ippuw"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Iinfo: 17-23820867-23798803 pNNN RT(1691512898590 236) q(0 0 0 -1) r(3 3) U12
X-Powered-By: Express

GET
H/1.1 200
OK _Incapsula_Resource
skins.cash/ 1 B
123 B 117ms
39ms Image
text/plain 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skins.cash/_Incapsula_Resource?SWKMTFSR=1&e=0.6277886308545837
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.242.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET _Incapsula_Resource
skins.cash/ 0
0

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 126 KB
49 KB 171ms
61ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5DM9Z57

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

29b29ed990b211e6aed56f55fe2228c7a6ebbca519a199d8a404f6af5744d9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 16:41:39 GMT

GET
H/1.1 200
OK styles.e675b7ff970da708f6a2.bundle.css
skins.cash/ 515 KB
123 KB 112ms
73ms Stylesheet
text/css 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/styles.e675b7ff970da708f6a2.bundle.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

7711541e8b44a4543b4595f6802ff82df3ad7cc6738279dfa929afb58448527d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"80d04-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
X-Iinfo: 16-20411088-20348491 pNNN RT(1691512898866 339) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
54 KB 181ms
69ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862043340

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dd5b2c9cc465a9dbd061a8a8f1216a9e9487ae63b7fd08857d8908a8aaf11ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54972
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 16:01:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 16:41:39 GMT

GET
H/1.1 200
OK logoSC.png
skins.cash/assets/img/ 2 KB
2 KB 151ms
69ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/logoSC.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

6f5984e9741ce26c39b3de01d3e4cb5241c8a9b1c1f2b89558ba9cb4a6da765a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"799-18969194c88"
Content-Type: image/png
X-Iinfo: 11-7529837-7435660 pNNy RT(1691512899448 40) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1945

GET
H/1.1 200
OK tab-bar-how-it-works.svg
skins.cash/assets/img/svgIcons/ 2 KB
1 KB 161ms
78ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tab-bar-how-it-works.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

ab5d750020edf9a78ad50fa1cd855932637fe0d503f7f134cd8c433153f5197b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"83b-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 18-25816997-25785720 pNNy RT(1691512899448 47) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tab-bar-how-it-works-active.svg
skins.cash/assets/img/svgIcons/ 2 KB
1 KB 202ms
84ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tab-bar-how-it-works-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

f6a3e805d720c237dc55705834704def8e36de093fc25fa8c35e4f3fefeef5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"83b-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 7-1429966-1417415 sNNN RT(1691512899206 325) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-partnership.svg
skins.cash/assets/img/svgIcons/ 1 KB
1 KB 107ms
84ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-partnership.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

945dabdf258bb5bcdd0853c0bab9da74b6f6d5036b97f774a7d2850e1679ae0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"5eb-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 18-25816997-25785720 sNNy RT(1691512899448 175) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-partnership-active.svg
skins.cash/assets/img/svgIcons/ 1 KB
1 KB 78ms
71ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-partnership-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

853980f5e115fb1859de1f06dcb9f11153c355f85d58713ff48acc53d4c242d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"5eb-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 7-1429966-1417415 sNNN RT(1691512899206 410) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-bonuses.svg
skins.cash/assets/img/svgIcons/ 2 KB
2 KB 74ms
72ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-bonuses.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

a02463f2bb7cd0089713b4a275387056441e1465d3520d9251a9cecabf206cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"938-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 11-7529837-7435660 sNNy RT(1691512899448 170) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-bonuses-active.svg
skins.cash/assets/img/svgIcons/ 2 KB
2 KB 72ms
71ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-bonuses-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

31331cf072ee923d20b4b8fac9cefa019b25d3bad1b1a09daa14843b27f28a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"938-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 16-20411088-20348491 sNNN RT(1691512898866 752) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-menu.svg
skins.cash/assets/img/svgIcons/ 176 B
676 B 96ms
95ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-menu.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

818d8bc60c43d9fc536680779302b6e5f7530bd8dc8c3becd6efe927c00e8564

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"b0-18969194c88"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
X-Iinfo: 17-23821072-23798627 sNYy RT(1691512899448 216) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-menu-active.svg
skins.cash/assets/img/svgIcons/ 176 B
677 B 95ms
94ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-menu-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

ecc1d1ca2cdc1e069a4d5de159cd97618b4a501b31fc54549154c3248667f5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"b0-18969194c88"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
X-Iinfo: 17-23820867-23798803 sNYN RT(1691512898590 1076) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 giveaway-skins.jpg
cdn.skins.cash/giveaway/ 165 KB
166 KB 208ms
63ms Image
image/jpeg 65.9.66.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.skins.cash/giveaway/giveaway-skins.jpg
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c29e06618dc90b2586a5d7bda20cb7a02a4b4d3fcc27d277d9d966f566910f6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:01:36 GMT
x-amz-version-id: Pml9hPBcwz7ISqkxzqFkJG1wfsmZCzjr
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:27:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 31205
etag: "e9feb4c9d186ad78b7e861aed1596c01"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 169199
x-amz-cf-id: AUe7azXssvwMmY6u02CZSp3Ol_e3k7m-BnMuy0g7VLYp_NUExEvyww==

GET
H/1.1 200
OK logo-sc_white.svg
skins.cash/assets/img/ 4 KB
2 KB 72ms
71ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/logo-sc_white.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8446749b9dd56cb9024f4d7179c49de3b1162c8625d11d225d4c604cefa5a8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"eb2-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 11-7529837-7435660 sNNy RT(1691512899448 248) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK attention.png
skins.cash/assets/img/ 1 KB
2 KB 68ms
68ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/attention.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

51827b027f755bde8d532318d7474bcfad2ac91e0c473caf5723510b10ba44a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"533-18969194c88"
Content-Type: image/png
X-Iinfo: 16-20411088-20348491 sNNN RT(1691512898866 830) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1331

GET
H/1.1 200
OK close.png
skins.cash/assets/img/ 184 B
626 B 69ms
68ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/close.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

2b8b7581b238a45d2d35cba26461e26f7e8eef5e2bdd637a97800d341758a9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"b8-18969194c88"
Content-Type: image/png
X-Iinfo: 7-1429966-1417415 sNNN RT(1691512899206 490) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184

GET
H/1.1 200
OK inline.105fe6387d8a61397896.bundle.js Show response
skins.cash/ 2 KB
2 KB 71ms
71ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/inline.105fe6387d8a61397896.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

028143c1216923bd303c7bd4741cccdc294b05332879525b17cd1f133349654b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"7c1-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 16-20411088-20348491 sNNN RT(1691512898866 507) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK polyfills.f2c4df4c39a823aef2a3.bundle.js Show response
skins.cash/ 123 KB
42 KB 74ms
74ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

61bc6a37f51d0b7eec6b50f62c51b9ab8fef483f5002268712a53fece9c0fc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"1eda9-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 7-1429966-1417415 pNNN RT(1691512899206 187) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK main.4dc641e00ae421850da3.bundle.js Show response
skins.cash/ 825 KB
176 KB 118ms
92ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/main.4dc641e00ae421850da3.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

40b7534375e2314a457cd48eb6b3d81b229d137a59a2527e85e998b2e21a8642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"ce2cf-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 17-23820867-23798803 sNNN RT(1691512898590 851) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 181ms
75ms Script
application/javascript 104.18.215.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1557
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f393548cb5b0779-MRS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 11 Aug 2023 16:41:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
52 KB 236ms
127ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMXCJMQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3673d0c77e38731d215bae02d49b72ffea27fe6bf411f9f9ca971ba0704012d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52888
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 16:01:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 16:41:39 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 328ms
155ms Script
application/javascript 23.36.163.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBTR4TJC77UFHQ3J2VQG&lib=ttq
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.100 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-100.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ee8cdbff8f0c9bbf4d9dd17c0611e98c11f70f22176377bd10d65beb0952410

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 27365101.f780e5b
date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-72.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
x-parent-response-time: 95,23.36.161.72
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=3
content-length: 1961
pragma: no-cache
server: nginx
x-tt-logid: 20230808164140ABCB62B60BF4F087EFF2
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.19
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6250a8252c982a2f247ecf21371242aefeb56bee584b6b23961eac83e6b272dcd9452feaaaddeeaf4c1ce3cd77491c804fa84dbe908655cd133a94f9b6e4231a1cc7d3bad38fddc9ec356059d40a453ed8ab9cf39d86d9c9e5a61ef1d0da5addf4
expires: Tue, 08 Aug 2023 16:41:40 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 124ms
30ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 173ms
47ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3117
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 08 Aug 2023 17:49:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
54 KB 153ms
153ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862043340&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-5DM9Z57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1a12f95a273361e520e2d56f132ededd6aba7c5e4d505342ef84687cae4b922d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55024
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 16:01:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 16:41:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 170ms
169ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37FE33434K&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-5DM9Z57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1cc3258d5c96bd0efe5ab7f3819d85db43c2d44cf10dd3b5f52fb666df7ff0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88554
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 16:41:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 240ms
86ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 08 Aug 2023 16:41:39 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64DFC9D3CE5547299B8BD288BA8F7AA7 Ref B: MIL30EDGE1315 Ref C: 2023-08-08T16:41:40Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
DATA 200
OK truncated
/ 254 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47815943536bbba83e08683db5181d7fa13f6adcbd369db739081bf5e084dbb6

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b94100fca4474cf0d4d6cd97bd81d19ed1972457d7d7064beea9a0dcc0f5ed

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 506 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50ac4e65f88ba93ebe32ce8c459af39549fc11acea0f9cfc53dd5baf9b0090aa

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d41adeb27e8ff4ba3e91ba8f2e4a280ad3bd0b35627edb5d7404e57d5cc81add

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25557594383715049a812046f215c093e9e736386b66c00cb52f9a140e2dfab

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5e1fb2beae42d1bbb86ce9efcaa70ca20a9a1f06e151c4eb6648d068365db8e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 722 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f1fa4d91ddc0c35388c1a9bbc2e6538b7c513c7264cf2720f7a6bc8de24c1ce

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eee2d656be459793fb1890c61bfeb862722786549f6ef14ab87214f9f0677db1

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK OpenSans-Regular.900e3d6b38ee02adfb3b.woff
skins.cash/ 78 KB
78 KB 84ms
76ms Font
application/font-woff 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/OpenSans-Regular.900e3d6b38ee02adfb3b.woff

Requested by

Host: skins.cash
URL: https://skins.cash/styles.e675b7ff970da708f6a2.bundle.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

46f3d4072f066f625499660807f42d009b98109322c78bd1f85bbe06d80d886c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://skins.cash/styles.e675b7ff970da708f6a2.bundle.css
Origin: https://skins.cash
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"13994-18969194c88"
Transfer-Encoding: chunked
Content-Type: application/font-woff
X-Iinfo: 16-20411088-20348491 sNYN RT(1691512898866 585) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK OpenSans-Bold.a558ae5ad34d13f9f18d.woff
skins.cash/ 76 KB
76 KB 124ms
72ms Font
application/font-woff 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/OpenSans-Bold.a558ae5ad34d13f9f18d.woff

Requested by

Host: skins.cash
URL: https://skins.cash/styles.e675b7ff970da708f6a2.bundle.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

c0de7834b19f3304a0d98c9b6c955d46cb82f55dd46ef11a0a26a570d2bdc76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://skins.cash/styles.e675b7ff970da708f6a2.bundle.css
Origin: https://skins.cash
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:39 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"13148-18969194c88"
Transfer-Encoding: chunked
Content-Type: application/font-woff
X-Iinfo: 17-23821072-23798627 pNYy RT(1691512899448 43) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK _Incapsula_Resource Show response
skins.cash/ 162 KB
23 KB 89ms
48ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.cash/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=4&cb=1994585724
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.242.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 872377e2a20ee76da1af7041b9a58a8a9f9770c24d6e1dfb54f2f21bb15c1912

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 23366
Content-Type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 173ms
63ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 08 Aug 2023 16:41:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: /xf5JuNbdzAy0sPRoArH1LD9bAawYQqhleSKSOXsQNsa7W4XxMIGkT/TYvstPNquC1h6R5izlK4X6ZX9SknMaA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-3297316.js Show response
static.hotjar.com/c/ 10 KB
4 KB 191ms
55ms Script
application/javascript 52.222.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3297316.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-110.ams50.r.cloudfront.net

Software

Resource Hash

372b2de1dbdc8aeace455198b83cf6c0751a0a089f42b2e13bb950f75ff3668e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 16:41:27 GMT
via: 1.1 24562ce7bb1d06e6505e84aac2d66ac6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 52
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/98996de1bbc9c823d3fb54f9826d2438
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: zEd3LxPZC70oZPwWOMDqcerbTV4A4jlAfoimBsaGZHdGMKDvMHI-yA==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 66ms
65ms Script
application/javascript 104.18.215.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1557
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f39354a1e900779-MRS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 11 Aug 2023 16:41:40 GMT

POST
H2 200 regclk
adservice.google.com/pagead/ 0
0 400ms
268ms Ping
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/pagead/regclk?auid=1172912755.1691512900&url=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway&tft=1691512900178&tfd=943&frm=0&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&gclsrc=aw
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862043340
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 200 landing
www.google.com/pagead/ 42 B
455 B 194ms
64ms Ping
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/pagead/landing?gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&gtm=45be3820&auid=1172912755.1691512900

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862043340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862043340/ 3 KB
2 KB 209ms
96ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862043340/?random=1691512900172&cv=11&fst=1691512900172&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&hn=www.googleadservices.com&frm=0&tiba=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&auid=1172912755.1691512900&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862043340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

497b96002443b56e2078ed0ecf7cc427a9c3d5b81ebe7e44da24f17592488a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1544
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 235ms
140ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1691512900199&id=t2_oystnkpz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=71abf1d3-8ef5-4850-9dfe-53ce4f8860a1&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H/1.1 200
OK 0.4e28c51e349d645dda3b.chunk.js Show response
skins.cash/ 132 KB
31 KB 70ms
69ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/0.4e28c51e349d645dda3b.chunk.js

Requested by

Host: skins.cash
URL: https://skins.cash/inline.105fe6387d8a61397896.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

124eb31e3e36a811643657dd9e25185f6bcb8aa81f17fddc727195326b3f58b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"20e18-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 11-7529837-7435660 sNNy RT(1691512899448 347) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK 18.2ac857066d7f8bce6200.chunk.js Show response
skins.cash/ 42 KB
7 KB 130ms
130ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/18.2ac857066d7f8bce6200.chunk.js

Requested by

Host: skins.cash
URL: https://skins.cash/inline.105fe6387d8a61397896.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

bd94de722b1a9a41b2998d9765e9013f242ca01fa545de5f1ed4dbf3a47abdcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"a986-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 7-1429966-1417415 sNNN RT(1691512899206 589) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK 10.00d8bb09fda46e76b4a9.chunk.js Show response
skins.cash/ 3 KB
2 KB 73ms
73ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/10.00d8bb09fda46e76b4a9.chunk.js

Requested by

Host: skins.cash
URL: https://skins.cash/inline.105fe6387d8a61397896.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

5556656f7427c3ed1b1793db0a0ae6ae349b25d1be0c2ffd88cbe784f5c463cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"c52-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 16-20411088-20348491 sNNN RT(1691512898866 933) q(0 1 1 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
68 KB 89ms
67ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-323095743&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMXCJMQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

30d35105d135a54e177fb6ed77522aad4c17f8df120acf078f6ebc27a7c1455b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69541
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 16:07:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 16:41:40 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
218 B 56ms
55ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1611842401&t=pageview&_s=1&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&ul=en-us&de=UTF-8&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAgCAAI~&jid=1564549212&gjid=1341017061&cid=1123997351.1691512900&tid=UA-77131735-1&_gid=333573546.1691512900&_r=1&_slc=1&z=678571515

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

2a86bf5eb3215213e14be00861332f1a3975250da5c8e08b0c5e061e8bc8730f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 55ms
54ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1611842401&t=pageview&_s=1&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&ul=en-us&de=UTF-8&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAgCAAI~&jid=616653783&gjid=160760412&cid=1123997351.1691512900&tid=UA-77131735-1&_gid=333573546.1691512900&_r=1&gtm=45He3820n81KMXCJMQ&z=207210704

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 178ms
57ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-37FE33434K&gtm=45je3820&_p=1611842401&_gaz=1&cid=1123997351.1691512900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691512900&sct=1&seg=0&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37FE33434K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 190ms
59ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-37FE33434K&cid=1123997351.1691512900&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37FE33434K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 200ms
77ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-37FE33434K&cid=1123997351.1691512900&gtm=45je3820&aip=1&z=1188033602

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5512141.js Show response
bat.bing.com/p/action/ 0
119 B 85ms
85ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5512141.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 08 Aug 2023 16:41:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56FCC7D5EFD840E6A3DF7C03CE61C747 Ref B: MIL30EDGE1315 Ref C: 2023-08-08T16:41:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 148ms
148ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5512141&Ver=2&mid=39aa679a-d13e-4777-82af-82ebcb4d5515&sid=732edd70360a11ee996011d65283011d&vid=732f5160360a11eeadcb53e9ab61dd0e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins,%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&p=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=&lt=993&evt=pageLoad&sv=1&rn=700529

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 16:41:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89C554B8F05748B8B4CC5EFC3C597405 Ref B: MIL30EDGE1315 Ref C: 2023-08-08T16:41:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTI1YjU3ZmM1MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 356 KB
96 KB 70ms
70ms Script
application/javascript 23.36.163.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTI1YjU3ZmM1MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBTR4TJC77UFHQ3J2VQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.100 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-100.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8dea1d3a2fedce3a256daaedfcd000d1934f8294528d15adc4daba6a184d992a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f7812e0
date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230803132622DFD2980C9ABF373FB075
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-72.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d5866120c80f2f69109b2580b0fcd3686eb8cf395507d8b09e39f53378de0e32478c36e85b16f8139342e607da00bf9fbaefa177f44593c987c97385e7b118730a034fcdf0b10ad9a608f9e539b0a581e20dcc5bf7caa6b2089051c537730621
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 97927

GET
H/1.1 200
OK _Incapsula_Resource
skins.cash/ 1 B
205 B 40ms
39ms Image
text/plain 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skins.cash/_Incapsula_Resource?SWKMTFSR=1&e=0.6693238736630986
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.242.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3a1503b0-d998-4cf7-876b-a2aaa10bfff8/ 4 KB
2 KB 145ms
135ms Script
text/javascript 104.18.215.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3a1503b0-d998-4cf7-876b-a2aaa10bfff8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa23074f33b629c8ac65755963e5edf567d5677bbc840534a1ff39ec0fe5d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 51184376-710a-432f-ab13-97b2d0884b3d
x-runtime: 0.046862
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4fa23074f33b629c8ac65755963e5edf"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7f39354cfc480779-MRS
access-control-allow-headers: SDK-Version
expires: Tue, 08 Aug 2023 17:41:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 63ms
62ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77131735-1&cid=1123997351.1691512900&jid=1564549212&gjid=1341017061&_gid=333573546.1691512900&_u=IEBAAEAAAAAAgCAAI~&z=355516431

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 70ms
69ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XB05MSCPSD&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

730e4ef49515500576128b8115a1d558fe3617c2e923f5aceb77e08eb81eb99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 16:41:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 61ms
60ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77131735-1&cid=1123997351.1691512900&jid=616653783&gjid=160760412&_gid=333573546.1691512900&_u=YEDAAEABAAAAgCAAI~&z=2044941889

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 643577522779750 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 54ms
53ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643577522779750?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

9284ea2de0444c6d5ea101e16f22267cce4e79e34a879246cc9de12a6f726885

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 08 Aug 2023 16:41:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111354
x-xss-protection: 0
pragma: public
x-fb-debug: XB/0u3vr96d/3SJ+Nvv7DEY50AcgehJqBch5OqnOTYD+7YtPiYLrTcxnHvqIm44LgoE2a65kehEYT0qQEsPiqg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.92ff9978854791af68a7.js Show response
script.hotjar.com/ 223 KB
55 KB 208ms
82ms Script
application/javascript 13.227.219.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.92ff9978854791af68a7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3297316.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-71.ams54.r.cloudfront.net

Software

Resource Hash

f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 15:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 437253
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55640
last-modified: Thu, 03 Aug 2023 15:13:59 GMT
etag: "9e14d47807cbae60a1fa1410419e20a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: U1TulzBA9VQvMcJ1HvpBlqojjpDc6Aa2ZwvSlt7Y555evvd9oD73Vw==

GET
H/1.1 200
OK 15.33939f02d28f73eb5c9e.chunk.js Show response
skins.cash/ 16 KB
4 KB 70ms
70ms Script
application/javascript 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/15.33939f02d28f73eb5c9e.chunk.js

Requested by

Host: skins.cash
URL: https://skins.cash/inline.105fe6387d8a61397896.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

bccfc89a3ffa4a3d35daf5f1691f1da60da5445a1271291f4d8de04ff728f5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"41d6-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Iinfo: 11-7529837-7435660 sNNy RT(1691512899448 775) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 /
www.google.com/pagead/1p-user-list/862043340/ 42 B
108 B 76ms
73ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862043340/?random=1691512900172&cv=11&fst=1691510400000&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&frm=0&tiba=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3498095148&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.it/pagead/1p-user-list/862043340/ 42 B
154 B 67ms
63ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/pagead/1p-user-list/862043340/?random=1691512900172&cv=11&fst=1691510400000&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&frm=0&tiba=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3498095148&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 72ms
56ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-323095743&gtm=45je3820&_p=1611842401&cid=1123997351.1691512900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691512900&sct=1&seg=0&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-323095743&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 93ms
88ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77131735-1&cid=1123997351.1691512900&jid=1564549212&_u=IEBAAEAAAAAAgCAAI~&z=1519094272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 79ms
75ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77131735-1&cid=1123997351.1691512900&jid=1564549212&_u=IEBAAEAAAAAAgCAAI~&z=1519094272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 84ms
80ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77131735-1&cid=1123997351.1691512900&jid=616653783&_u=YEDAAEABAAAAgCAAI~&z=1512053076

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 80ms
77ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77131735-1&cid=1123997351.1691512900&jid=616653783&_u=YEDAAEABAAAAgCAAI~&z=1512053076

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_7f4c1.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 85ms
85ms Script
application/javascript 23.36.163.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7f4c1.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTI1YjU3ZmM1MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.100 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-100.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: f78156d
date: Tue, 08 Aug 2023 16:41:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230801143839652E5891EE72FF77B7B6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-72.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e665d8e03389f05d19c5b0cdd12361d7222c16b99d7146aee184bd8d56bac7c89020b56a44cd4c80b8b1aa33a344d99fc9f3df59db082ac18e33be0fe27fbc73474a22124452e46758e9d2bc6d48e89d1228ca1530343334fc8ba404c87edac2
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30840

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 196ms
196ms Ping
text/plain 23.36.163.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTI1YjU3ZmM1MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.100 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-100.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9cf35d7b.f7815fd
date: Tue, 08 Aug 2023 16:41:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-72.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
x-parent-response-time: 122,23.36.161.72
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=33, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230808164140C4145FF724F2F78A3168
x-cache-remote: TCP_MISS from a23-220-104-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.220.104.6
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6250a8252c982a2f247ecf21371242aefe40a09ada40bb828a58020c7c5da664824112e41b9b95b9d3c48d7be9ea710c6901b43a5ad59214034580ce6c1e4f5ae35708c34d2ef80b09b91a4d93b200615e9ede94636962fc42de1a0023fb090c5b
expires: Tue, 08 Aug 2023 16:41:40 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 58ms
55ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XB05MSCPSD&gtm=45je3820&_p=1611842401&_gaz=1&ul=en-us&sr=1600x1200&cid=1123997351.1691512900&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&sid=1691512900&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XB05MSCPSD&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 67ms
65ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XB05MSCPSD&cid=1123997351.1691512900&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XB05MSCPSD&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.it/ads/ 42 B
63 B 73ms
72ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XB05MSCPSD&cid=1123997351.1691512900&gtm=45je3820&aip=1&z=1776729273

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK conditions Show response
skins.cash/api/payment/ 6 KB
1 KB 228ms
228ms XHR
application/json 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/api/payment/conditions

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20e498546752a07e5b98f3253d5fe4005a1ca499cffaacc771375db7c009ce19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
X-CDN: Imperva
ETag: "68f3750be2c6811b653741c55f2eb9b2dbe740a3"
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
X-Iinfo: 11-7529837-7435660 sNYy RT(1691512899448 1022) q(0 0 0 -1) r(2 2) U12
Cache-Control: no-cache, private
Connection: keep-alive

GET
H/1.1 200
OK conditions Show response
skins.cash/api/payment/ 6 KB
1 KB 234ms
234ms XHR
application/json 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://skins.cash/api/payment/conditions

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20e498546752a07e5b98f3253d5fe4005a1ca499cffaacc771375db7c009ce19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
X-CDN: Imperva
ETag: "68f3750be2c6811b653741c55f2eb9b2dbe740a3"
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
X-Iinfo: 7-1429966-1417415 sNYN RT(1691512899206 1265) q(0 0 0 -1) r(2 2) U12
Cache-Control: no-cache, private
Connection: keep-alive

GET
H3 200 712297870616937 Show response
connect.facebook.net/signals/config/ 383 KB
109 KB 54ms
54ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/712297870616937?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

c5794d1ef74910c4b1464df9af33cb9224db904aec7832b27ef9ca5a431318ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 08 Aug 2023 16:41:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111549
x-xss-protection: 0
pragma: public
x-fb-debug: ffE5/gFcoFaB/9x6NrzyTuBlZBVgZn7RARN9w+M8h2OPnLdtSwAc21T/dvc/D5QmRfn9v9qZ6L+1Ts9WTtVLhg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 148ms
48ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643577522779750&ev=PageView&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&rl=&if=false&ts=1691512900919&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691512900918.96320991&cs_est=true&it=1691512900646&coo=false&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 08 Aug 2023 16:41:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
691 B 177ms
176ms Ping
text/plain 23.36.163.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTI1YjU3ZmM1MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.100 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-100.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 13000cb0.f7817e5
date: Tue, 08 Aug 2023 16:41:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-72.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
x-parent-response-time: 107,23.36.161.72
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=18, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202308081641414FB30C2367D2408A02D9
x-cache-remote: TCP_MISS from a23-220-105-22.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.220.105.22
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6250a8252c982a2f247ecf21371242aefee2f00079581b245f3555307817197bd5d2698107230dad297bcc3a4d15834b8ebbc47742dce943eaa0a9278da7cc9988d3fbc6ed96233248e4cd3ec4874dff0981b860b6b86ddfe9eef1f8be27f0982b
expires: Tue, 08 Aug 2023 16:41:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 48ms
47ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=712297870616937&ev=PageView&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&rl=&if=false&ts=1691512901087&sw=1600&sh=1200&v=2.9.121&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1691512900918.96320991&cs_est=true&it=1691512900646&coo=false&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 08 Aug 2023 16:41:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics-browser-1.6.8-min.js.gz Show response
cdn.amplitude.com/libs/ 69 KB
22 KB 183ms
61ms Script
application/javascript 52.222.206.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-1.6.8-min.js.gz
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-178.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e190647cd2e0b0a82b5eb057ba5491e8ade873a48066512defaaef423eba1793

Request headers

Referer: https://skins.cash/
Origin: https://skins.cash
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:44:36 GMT
content-encoding: gzip
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
x-amz-version-id: 4J07E_KkZI0xB.Ug_nvSC7xwdQWYuSt9
x-amz-cf-pop: FRA56-P3
age: 7765026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21649
last-modified: Wed, 11 Jan 2023 05:51:49 GMT
server: AmazonS3
etag: "059a45d67ae0914bb30f5c037393d3f3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Jh6HrTvxxsEiKNUA9qtBsYzgTQCajWG8meI9SZR9F2IX-iHn1BlkGA==

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 87 KB
27 KB 174ms
48ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f099551678e77ad51b11aad6ad51cd8ad323f806f0298cd9834241f9cd11e80

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: w6A9wD6glszjf4n9B.ci2cwAizec923U
content-encoding: br
date: Tue, 08 Aug 2023 16:41:41 GMT
last-modified: Tue, 08 Aug 2023 08:44:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"e5a79806b0ca3a8fc087c144ef38fb07"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Aj5b25L7kUn4lKW008JsA-MkFWYhE4cM9EWd69BghAik5VXjb_MCyQ==
content-length: 26824
expires: Tue, 08 Aug 2023 17:41:41 GMT

GET
H2 200 embed.js Show response
js.gleam.io/psuHw/ 35 KB
9 KB 360ms
278ms Script
text/javascript 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.gleam.io/psuHw/embed.js?no_button

Requested by

Host: skins.cash
URL: https://skins.cash/15.33939f02d28f73eb5c9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722aae222ad1a22f05251999adbe50617c12e92ff218c4999f743f9a3698f776

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src www.youtube.com player.vimeo.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; object-src www.youtube.com player.vimeo.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
cf-cache-status: HIT
content-encoding: br
g-host: meepo21
alt-svc: h3=":443"; ma=86400
cdn-cache-control: max-age=86400, public
x-xss-protection: 1; mode=block
x-request-id: c45c993b-a480-483c-895f-b0688080911f
x-ua-compatible: IE=edge
x-runtime: 0.021762
server: cloudflare
etag: W/"722aae222ad1a22f05251999adbe5061"
vary: Accept-Encoding, Accept
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-robots-tag: noindex, nofollow
cf-ray: 7f3935512adda32b-FCO

GET
H/1.1 200
OK logoSC.png
skins.cash/assets/img/ 2 KB
2 KB 75ms
74ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/logoSC.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

6f5984e9741ce26c39b3de01d3e4cb5241c8a9b1c1f2b89558ba9cb4a6da765a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"799-18969194c88"
Content-Type: image/png
X-Iinfo: 7-1429966-1417415 sNNN RT(1691512899206 1572) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1945

GET
H/1.1 200
OK tap-bar-menu.svg
skins.cash/assets/img/svgIcons/ 176 B
675 B 73ms
70ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-menu.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

818d8bc60c43d9fc536680779302b6e5f7530bd8dc8c3becd6efe927c00e8564

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"b0-18969194c88"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
X-Iinfo: 11-7529837-7435660 sNYy RT(1691512899448 1333) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-menu-active.svg
skins.cash/assets/img/svgIcons/ 176 B
677 B 75ms
71ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-menu-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

ecc1d1ca2cdc1e069a4d5de159cd97618b4a501b31fc54549154c3248667f5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"b0-18969194c88"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/svg+xml
X-Iinfo: 16-20411088-20348491 sNYN RT(1691512898866 1915) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-sc_white.svg
skins.cash/assets/img/ 4 KB
2 KB 83ms
79ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/logo-sc_white.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8446749b9dd56cb9024f4d7179c49de3b1162c8625d11d225d4c604cefa5a8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"eb2-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 18-25816997-25785720 sNNy RT(1691512899448 1334) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK attention.png
skins.cash/assets/img/ 1 KB
2 KB 84ms
81ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/attention.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

51827b027f755bde8d532318d7474bcfad2ac91e0c473caf5723510b10ba44a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"533-18969194c88"
Content-Type: image/png
X-Iinfo: 17-23821072-23798627 sNNy RT(1691512899448 1335) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1331

GET
H/1.1 200
OK close.png
skins.cash/assets/img/ 184 B
630 B 85ms
82ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/close.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

2b8b7581b238a45d2d35cba26461e26f7e8eef5e2bdd637a97800d341758a9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"b8-18969194c88"
Content-Type: image/png
X-Iinfo: 17-23820867-23798803 sNNN RT(1691512898590 2195) q(0 0 0 -1) r(1 1) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184

GET
H/1.1 200
OK tab-bar-how-it-works.svg
skins.cash/assets/img/svgIcons/ 2 KB
1 KB 78ms
77ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tab-bar-how-it-works.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

ab5d750020edf9a78ad50fa1cd855932637fe0d503f7f134cd8c433153f5197b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"83b-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 16-20411088-20348491 sNNN RT(1691512898866 1995) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tab-bar-how-it-works-active.svg
skins.cash/assets/img/svgIcons/ 2 KB
1 KB 77ms
76ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tab-bar-how-it-works-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

f6a3e805d720c237dc55705834704def8e36de093fc25fa8c35e4f3fefeef5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"83b-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 7-1429966-1417415 sNNN RT(1691512899206 1653) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-partnership.svg
skins.cash/assets/img/svgIcons/ 1 KB
1 KB 71ms
70ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-partnership.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

945dabdf258bb5bcdd0853c0bab9da74b6f6d5036b97f774a7d2850e1679ae0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"5eb-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 18-25816997-25785720 sNNy RT(1691512899448 1417) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-partnership-active.svg
skins.cash/assets/img/svgIcons/ 1 KB
1 KB 73ms
72ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-partnership-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

853980f5e115fb1859de1f06dcb9f11153c355f85d58713ff48acc53d4c242d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"5eb-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 17-23820867-23798803 sNNN RT(1691512898590 2278) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-bonuses.svg
skins.cash/assets/img/svgIcons/ 2 KB
2 KB 74ms
73ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-bonuses.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

a02463f2bb7cd0089713b4a275387056441e1465d3520d9251a9cecabf206cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"938-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 17-23821072-23798627 sNNy RT(1691512899448 1421) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK tap-bar-bonuses-active.svg
skins.cash/assets/img/svgIcons/ 2 KB
2 KB 73ms
72ms Image
image/svg+xml 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/svgIcons/tap-bar-bonuses-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

31331cf072ee923d20b4b8fac9cefa019b25d3bad1b1a09daa14843b27f28a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"938-18969194c88"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Iinfo: 11-7529837-7435660 sNNy RT(1691512899448 1482) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 giveaway-skins.jpg
cdn.skins.cash/giveaway/ 165 KB
166 KB 57ms
55ms Image
image/jpeg 65.9.66.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.skins.cash/giveaway/giveaway-skins.jpg
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c29e06618dc90b2586a5d7bda20cb7a02a4b4d3fcc27d277d9d966f566910f6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:01:36 GMT
x-amz-version-id: Pml9hPBcwz7ISqkxzqFkJG1wfsmZCzjr
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:27:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 31206
etag: "e9feb4c9d186ad78b7e861aed1596c01"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 169199
x-amz-cf-id: QucS2rXKjSy1uivuYR0M7EoNJw_0UeAsBhP-8E472ypOPFJN-LgKxw==

GET
H/1.1 200
OK gdpr-info.png
skins.cash/assets/img/ 216 B
660 B 142ms
75ms Image
image/png 45.60.242.147
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skins.cash/assets/img/gdpr-info.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.242.147 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

4945624bc5b9fce976af5d7da0e2ae72be767bb0bb14d585e6a457acfc65af7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:41:41 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Tue, 18 Jul 2023 13:03:33 GMT
X-CDN: Imperva
X-Powered-By: Express
ETag: W/"d8-18969194c88"
Content-Type: image/png
X-Iinfo: 11-7529837-7435660 sNNy RT(1691512899448 1411) q(0 0 0 -1) r(0 0) U12
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 216

GET
H2 200 logo.png
js.gleam.io/images/ 2 KB
3 KB 315ms
238ms Image
image/webp 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d8d02f7a4a98f4d91c13536bbfdc41260477238ff0b31cd5baafa426ceb76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2613
content-disposition: inline; filename="logo.webp"
g-host: meepo14
alt-svc: h3=":443"; ma=86400
content-length: 2174
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Aug 2023 13:42:00 GMT
server: cloudflare
etag: "64d0f4a8-a35"
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f3935512adaa32b-FCO
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4945624bc5b9fce976af5d7da0e2ae72be767bb0bb14d585e6a457acfc65af7e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 404 B
582 B 672ms
550ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9501570&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&channel_type=code&jsonp=__q33ptt1t1q

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-71.deploy.static.akamaitechnologies.com

Software

Resource Hash

da5a851abbf863d56abd6ab9d985f764cb7f183ec1e3d6e00e81d53e3254009a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://skins.cash/;
X-Frame-Options	allow-from https://skins.cash/

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://skins.cash/;
date: Tue, 08 Aug 2023 16:41:42 GMT
content-length: 404
vary: Accept-Encoding
x-frame-options: allow-from https://skins.cash/
content-type: application/javascript; charset=UTF-8

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 49ms
48ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643577522779750&ev=Microdata&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&rl=&if=false&ts=1691512901423&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash%22%2C%22meta%3Adescription%22%3A%22Do%20you%20want%20to%20receive%20free%20CS%3AGO%20skins%20and%20Dota2%2FRust%2FTF2%20items%3F%20Skins.cash%20constantly%20holds%20giveaways%20for%20its%20users.%20Don%E2%80%99t%20waste%20your%20time%20and%20participate%20now!%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Free%20Skins%20Giveaway%20-%20How%20to%20Get%20Free%20Skins%20%7C%20SkinsCash%22%2C%22og%3Adescription%22%3A%22Do%20you%20want%20to%20receive%20free%20skins%3F%20%20SkinsCash%20constantly%20holds%20giveaways%20for%20its%20users.%20Read%20more%20how%20to%20get%20free%20skins.%20Don%E2%80%99t%20waste%20your%20time%20and%20participate%20now!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%22%2C%22og%3Asite_name%22%3A%22Skins.cash%3A%20Sell%20CS%3AGO%20Skins%20-%20Get%20Instant%20Payment%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.skins.cash%2Fsocial%2Ffb_meta_v1.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691512900918.96320991&it=1691512900646&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 08 Aug 2023 16:41:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 embed Show response
gleam.io/psuHw/ Frame 36B3 149 KB
32 KB 361ms
351ms Document
text/html 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=

Requested by

Host: js.gleam.io
URL: https://js.gleam.io/psuHw/embed.js?no_button

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2087bdc45f5733349ee3edb7ee302875e0cae18648d2eb8eed7956c962ac4213

Security Headers

Name	Value
Content-Security-Policy	object-src www.youtube.com player.vimeo.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skins.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: BYPASS
cf-ray: 7f3935530ff9a32b-FCO
content-encoding: br
content-security-policy: object-src www.youtube.com player.vimeo.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 16:41:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
g-host: meepo16
link: <https://gleam.io/assets/widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-1d906977610ce62da682c64eba867b885aacf2f06759da65824bd7190d8ee8c5.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-1d906977610ce62da682c64eba867b885aacf2f06759da65824bd7190d8ee8c5.js>; rel=preload; as=script; nopush
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: c91a5e18-94b5-4a62-b721-c9d82b67b4cd
x-robots-tag: noindex, nofollow
x-runtime: 0.043686
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 logo.svg
js.gleam.io/images/ 731 B
471 B 102ms
100ms Image
image/svg+xml 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 03:19:43 GMT
server: cloudflare
age: 2634
etag: W/"64d1b44f-2db"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
g-host: meepo20
cf-ray: 7f393552ffd3a32b-FCO
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 49ms
48ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=712297870616937&ev=Microdata&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&rl=&if=false&ts=1691512901589&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash%22%2C%22meta%3Adescription%22%3A%22Do%20you%20want%20to%20receive%20free%20CS%3AGO%20skins%20and%20Dota2%2FRust%2FTF2%20items%3F%20Skins.cash%20constantly%20holds%20giveaways%20for%20its%20users.%20Don%E2%80%99t%20waste%20your%20time%20and%20participate%20now!%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Free%20Skins%20Giveaway%20-%20How%20to%20Get%20Free%20Skins%20%7C%20SkinsCash%22%2C%22og%3Adescription%22%3A%22Do%20you%20want%20to%20receive%20free%20skins%3F%20%20SkinsCash%20constantly%20holds%20giveaways%20for%20its%20users.%20Read%20more%20how%20to%20get%20free%20skins.%20Don%E2%80%99t%20waste%20your%20time%20and%20participate%20now!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%22%2C%22og%3Asite_name%22%3A%22Skins.cash%3A%20Sell%20CS%3AGO%20Skins%20-%20Get%20Instant%20Payment%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.skins.cash%2Fsocial%2Ffb_meta_v1.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1691512900918.96320991&it=1691512900646&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 08 Aug 2023 16:41:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css
gleam.io/assets/ Frame 36B3 260 KB
52 KB 115ms
115ms Stylesheet
text/css 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/assets/widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9fe7c75a1ee86bed392daeb618dddf8a5e064181d4637f7fb66e26d4ffc3282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2415248
g-host: meepo16
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Jul 2023 10:37:34 GMT
server: cloudflare
etag: W/"64a3f66e-40fb0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://js.gleam.io
cache-control: max-age=315360000
cf-ray: 7f3935553f10a25f-FCO
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 w-1d906977610ce62da682c64eba867b885aacf2f06759da65824bd7190d8ee8c5.js Show response
gleam.io/assets/ Frame 36B3 1 MB
312 KB 176ms
174ms Script
application/x-javascript 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/assets/w-1d906977610ce62da682c64eba867b885aacf2f06759da65824bd7190d8ee8c5.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5914cce5bb215cc415cfdae012209479244929002c7691ec6c4ecd76aa3b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1589032
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jul 2023 07:12:53 GMT
server: cloudflare
etag: W/"64ba2ff5-11f157"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://js.gleam.io
cache-control: max-age=315360000, public
cf-ray: 7f3935554f14a25f-FCO
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js Show response
cdn.fraudjs.io/assets/ Frame 36B3
Redirect Chain

https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js

56 KB
20 KB

183ms
61ms

Script
application/x-javascript

104.18.20.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Server: 104.18.20.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jul 2023 09:41:21 GMT
server: cloudflare
age: 2789754
etag: W/"64a7ddc1-debd"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7f393556bb000da8-MRS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Tue, 08 Aug 2023 16:41:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
access-control-allow-origin: https://js.gleam.io
cache-control: max-age=3600
cf-ray: 7f3935554f17a25f-FCO
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 17:41:42 GMT

GET
H2 200 w-1d906977610ce62da682c64eba867b885aacf2f06759da65824bd7190d8ee8c5.js Show response
widget.gleamjs.io/assets/ Frame 36B3 1 MB
312 KB 230ms
114ms Script
application/x-javascript 104.18.30.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/w-1d906977610ce62da682c64eba867b885aacf2f06759da65824bd7190d8ee8c5.js
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5914cce5bb215cc415cfdae012209479244929002c7691ec6c4ecd76aa3b22

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jul 2023 07:13:02 GMT
server: cloudflare
age: 1524917
etag: W/"64ba2ffe-11f157"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7f393555fb6ffc85-FCO
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css
widget.gleamjs.io/assets/ Frame 36B3 260 KB
52 KB 167ms
51ms Stylesheet
text/css 104.18.30.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9fe7c75a1ee86bed392daeb618dddf8a5e064181d4637f7fb66e26d4ffc3282

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 10:37:36 GMT
server: cloudflare
age: 2393260
etag: W/"64a3f670-40fb0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
g-host: meepo21
cf-ray: 7f393555fb6efc85-FCO
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b36c7d9009.css
kit.fontawesome.com/ Frame 36B3 195 B
500 B 181ms
85ms Stylesheet
text/css 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/b36c7d9009.css
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10406a51a40246d0f785ed9e3f2d7f92bbf17ab07407fec8649afbad4c06d106

Request headers

Referer: https://gleam.io/
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 179
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=300, public, stale-while-revalidate=30
cf-ray: 7f393555ecf80dc0-MRS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F3ep5IMdlK2Mm_oAB1qB

GET
H2 200 css
fonts.googleapis.com/ Frame 36B3 11 KB
1 KB 200ms
80ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Requested by

Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

4ad201b8c20118aa9c3282250c854d6fbfa3514577a80cda8e2c7e4d4f5cc10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 16:41:42 GMT

GET
H2 200 fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js Show response
cdn.fraudjs.io/assets/ Frame 36B3 56 KB
20 KB 60ms
60ms Script
application/x-javascript 104.18.20.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jul 2023 09:41:21 GMT
server: cloudflare
age: 2789754
etag: W/"64a7ddc1-debd"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7f3935588e7c0da8-MRS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.svg
js.gleam.io/images/ Frame 36B3 731 B
575 B 64ms
63ms Image
image/svg+xml 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 03:19:43 GMT
server: cloudflare
age: 2635
etag: W/"64d1b44f-2db"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: br
g-host: meepo20
cf-ray: 7f3935590a1ba25f-FCO
alt-svc: h3=":443"; ma=86400

GET
H2 200 in.js Show response
platform.linkedin.com/ Frame 36B3 510 KB
160 KB 210ms
60ms Script
text/javascript 95.101.22.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.22.227 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-22-227.deploy.static.akamaitechnologies.com

Software

Play /

Resource Hash

895f3740444229279a90a0cad4551410a2ea285de9654be552f579b5f5444098

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 401
date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
content-length: 163643
x-li-uuid: AAYCa/Oox2kjtTdsbILebQ==
server: Play
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
expires: Tue, 8 Aug 2023 17:35:32 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 4 KB
2 KB 72ms
72ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=73ed1702-104f-4855-9a1b-625d9ea82170&version=2386.6.6.4384.116.1939.125.10.2.2.2.744.62&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c656a59862f316ee6c63faa82bd723de097311eabe361c05daaaed16bd04f865

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=50
content-length: 1529
expires: Tue, 08 Aug 2023 16:42:32 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 4DF1 9 KB
3 KB 283ms
244ms Document
text/html 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 112e05fe003979b6152cb315f94a4d18cf9a44ae6211f4ad3aab28c987615ef6

Request headers

Referer: https://skins.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-length: 2555
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 16:41:42 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 62ms
57ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=73ed1702-104f-4855-9a1b-625d9ea82170&version=ff93808ef52c6dd040640c4853b854bd_437176dfe579a8e0ac105be00f54f07d&language=en&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ee3a95b764da2023d901d4ade4a2e890cbaad5c7fa9d594b2336a382edae209

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=51
content-length: 3797
expires: Tue, 08 Aug 2023 16:42:33 GMT

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.4.2/css/ Frame 36B3 653 KB
110 KB 153ms
71ms Stylesheet
text/css 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:57 GMT
server: cloudflare
age: 505623
etag: W/"61dfb335f6a8fe22e435d175f39c315a"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
cf-ray: 7f3935576b13fc95-FCO

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.2/css/ Frame 36B3 54 KB
7 KB 131ms
49ms Stylesheet
text/css 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v5-font-face.min.css?token=b36c7d9009
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
age: 517184
etag: W/"36b5a5e9989c4ffc46d29ee5decf9b15"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
cf-ray: 7f3935576b16fc95-FCO

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 608ms
200ms Preflight 52.36.228.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.36.228.142 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-142.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://skins.cash
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Tue, 08 Aug 2023 16:41:42 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 206ms
206ms Fetch
application/json 52.36.228.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: skins.cash
URL: https://skins.cash/polyfills.f2c4df4c39a823aef2a3.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.36.228.142 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-228-142.us-west-2.compute.amazonaws.com

Software

Resource Hash

59f52e48a00925cde85b827d94490fc6af4db1a3187b0e50611f513d08c63e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://skins.cash/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 16:41:43 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64d27047-29e1bdb8308cf19363af7a72
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2 200 1.8eee82b9.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 4DF1 210 KB
65 KB 48ms
47ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.8eee82b9.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5e9388e9b4bc739a8257f48eb8f055791c30cd27485e4ceb3a3c77ed1eac2433

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: AQvSuSEutrumNsxrZciC65W_ZCh1FvFa
content-encoding: br
date: Tue, 08 Aug 2023 16:41:42 GMT
last-modified: Wed, 02 Aug 2023 09:47:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"39abee89e99e1a8ffca52b99b2b3e884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ctMWzf3q62IyGdf6H5OYanIxsk1NyAclkjsZ1tBSo6tWWrgtoT8zIw==
content-length: 66537
expires: Wed, 07 Aug 2024 16:41:42 GMT

GET
H2 200 0.87ab3640.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 4DF1 46 KB
15 KB 88ms
87ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.87ab3640.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: afc7e434e07193c2b97d1c4f0dbed040f613bad205bba9ebdc26d342fc698cd5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: HnwcWwx27_Y1sWepI0xU1_rBSzcFUVoU
content-encoding: br
date: Tue, 08 Aug 2023 16:41:42 GMT
last-modified: Wed, 02 Aug 2023 09:47:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
etag: W/"1bd6ec92d093d575fa1402fae0cb36ca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ziASkv7EuLsU_YwKvWKLnMLIkGb8QvjGTZJH3Y7zubALVBLZioQDCA==
content-length: 14942
expires: Wed, 07 Aug 2024 16:41:42 GMT

GET
H2 200 iframe.05de64dd.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 4DF1 785 KB
212 KB 88ms
87ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.05de64dd.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fc9383cb3cbc196feb1abcf5238f5e62ccf947de7d97f5f4297c2104acca1548

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: CO_CoV7f9ay7.qGnMrcVLLUTyg5BCKeK
content-encoding: br
date: Tue, 08 Aug 2023 16:41:42 GMT
last-modified: Tue, 08 Aug 2023 08:44:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"934937ff0c780e0fa3b1ed9470e3c450"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: HKmNOIXFuRNN1t0CKCLWWmPpsVo7gm1Mp2OG0ve3AniLlcz_P3vIwA==
content-length: 216783
expires: Wed, 07 Aug 2024 16:41:42 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame 4DF1 13 KB
13 KB 167ms
55ms Font
application/octet-stream 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Tue, 08 Aug 2023 16:41:42 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: Vpwr56nO4a-mfdsjRQA3N1lOhiIsn5JZ-5L583VMoCdQwKrMU4sJQA==
expires: Wed, 07 Aug 2024 16:41:42 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame 4DF1 12 KB
13 KB 166ms
54ms Font
application/octet-stream 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=9501570&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Tue, 08 Aug 2023 16:41:42 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: fxiNcFvoxT9I8hmwwa_kah8ZOqqGoxi-TbPFUgTBhyXFm24mgEC-oQ==
expires: Wed, 07 Aug 2024 16:41:42 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame 36B3 3 KB
2 KB 70ms
69ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

41793d9f4076b4282314eb417ca9d9e7e2af0449e41e7164347686e7bed9a2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 16:41:42 GMT
content-md5: MyBdpV0wxYGLxTdRiwb/dQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: 0CSd1BgF/zNnEB+6eHuUTxETgHh9OIHtVOaNNC34Zfni3+BvTSP7eVAuTgkQyR4+6BmQYSuzFXo5ZVHQQ02qyQ==
x-fb-content-md5: 2784990b65ea6a0c8eae79de3494d4dc
cross-origin-opener-policy: same-origin-allow-popups
etag: "a8204de548b597de477d723103c214c7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 08 Aug 2023 16:53:22 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame 36B3 308 KB
87 KB 125ms
62ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=682e4ec64ca7c3a1ff56b421756460b5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

b41d08b78cb7bc162f24a8a39ca51d0a49d8fa2295450ab107cdc3fede10ed07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gleam.io/
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 16:41:42 GMT
content-md5: zG+2mKTLMaXB/flWKOrG+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88530
x-fb-debug: uAY6N/a4TL2vt3sZ9PR0IBxXPcrE4/3AoIYGST/UJEiYyqxb2pddkiZ8oEFqRbyslulmiZhuNEvRc9OcxSCX+A==
x-fb-content-md5: 0a4eb1a433702483d7b5073fb021d57e
cross-origin-opener-policy: same-origin-allow-popups
etag: "380f343302363b8ab46dc07fb93b8ae4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 07 Aug 2024 16:19:39 GMT

GET
H3

200

invisible.js Show response
gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/ Frame A313
Redirect Chain

https://gleam.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

7 KB
3 KB

76ms
75ms

Script
application/javascript

172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Requested by

Protocol

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9230751f2f93949799cd53bbfd0a05becb058541f87dcb1a0da4abade5c507

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f39355d7f22a25f-FCO
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 08 Aug 2023 16:41:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
cache-control: max-age=300, public
cf-ray: 7f39355acf73a25f-FCO
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 36B3 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 36B3 47 KB
48 KB 171ms
52ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 319000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 00:05:03 GMT

GET
H2 200 pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 13 KB
13 KB 61ms
59ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-1.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c5f02b9dc1353e2fe5c53eb2a01c91fe40e891acc57f22b6bc7fb94d08097f

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 517439
etag: "4abcbd61cf6530156823d922586ad6b5"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355b891e0dc0-MRS
content-length: 13380

GET
H2 200 pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 11 KB
11 KB 95ms
92ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-0.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adef62602f3fefd4e6f1d58bef7ff97640f6a52b55cc379d67ee4a283f3ac0b6

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 514768
etag: "e635fbdb6d71c0aabd5d5ef365d5daf5"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355b89210dc0-MRS
content-length: 11380

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 14 KB
14 KB 69ms
67ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1d861f40e0b7a2773c61b30eaa39ba2af3d479aebd83dd7e03161de0e25298

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:35 GMT
server: cloudflare
age: 517439
etag: "6288b44a6fa27c081713d2aa82c9aad6"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355b89250dc0-MRS
content-length: 13964

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 36B3 30 KB
30 KB 226ms
108ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 06:58:18 GMT
x-content-type-options: nosniff
age: 294205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 06:58:18 GMT

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 11 KB
11 KB 104ms
103ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6703613ee782790dd723b3096e965d2a7f7a29f14a27a857cd4350421954caca

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 517439
etag: "295d59fde4985220de4456ec047fd1cf"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355b99370dc0-MRS
content-length: 11436

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 17 KB
17 KB 91ms
91ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-17.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd20a5ae445a0c34086b9a504c099ecfe640c1dc0d9d97b5911e10df7ac46961

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 517439
etag: "51ec9792ca54ac424e139ec51e3516dd"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355b993a0dc0-MRS
content-length: 17004

GET
H2 200 pro-fa-solid-900-11.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 22 KB
23 KB 79ms
78ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-11.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d354b92cc50e26da3614dc045836c906802bd58876e9759d4884320874e203fd

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 517440
etag: "cf07da4a47492f50c58989e5c98ce2bf"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355bc98e0dc0-MRS
content-length: 23016

GET
H3 200 checkbox.png
gleam.io/images/ Frame 36B3 368 B
706 B 84ms
83ms Image
image/webp 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gleam.io/images/checkbox.png

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-bdda48fe4ac077ca719846946be2ff057e0ac727eb4c1855508394eb2349eba2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://widget.gleamjs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3725600
cf-polished: origFmt=png, origSize=655
content-disposition: inline; filename="checkbox.webp"
g-host: meepo14
alt-svc: h3=":443"; ma=86400
content-length: 368
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Jun 2023 13:32:16 GMT
server: cloudflare
etag: "64999360-28f"
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f39355c7c28a25f-FCO
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 36 KB
36 KB 61ms
60ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6055153370002a78a8fa734e28b81a566e49855686b500cbbf8d42129a38db

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
age: 517440
etag: "fa42cd9b611d8dfa7da57178fb80beac"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355c8b460dc0-MRS
content-length: 36504

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 38 KB
38 KB 65ms
65ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9837b15da4f9bb0f312eade52d306fa611ff2ce38faa7d601e816fa22f73ca5f

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
age: 517440
etag: "03e3486ca5bfde48fe827e153bf9c802"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355c8b4c0dc0-MRS
content-length: 38752

GET
H2 200 pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 16 KB
16 KB 72ms
72ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-1.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:35 GMT
server: cloudflare
age: 517440
etag: "65652a05878f25dc378dd307c60079bd"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355c9b510dc0-MRS
content-length: 16140

GET
H2 200 pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ Frame 36B3 11 KB
11 KB 73ms
73ms Font
font/woff2 104.18.22.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-14.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9

Request headers

Referer: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 517440
etag: "185c4ea4d4cebccf9e5a07bba2869381"
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
x-cache-status: HIT
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39355c9b560dc0-MRS
content-length: 10816

GET
DATA 200
OK truncated
/ Frame 36B3 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

embed_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ Frame 36B3
Redirect Chain

https://www.tiktok.com/embed.js
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

46 KB
15 KB

184ms
53ms

Script
application/javascript

23.48.23.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Server: 23.48.23.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: aebfa98
date: Tue, 08 Aug 2023 16:41:43 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: a2mC7RA9gA0jSaiCieTPqA==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-48-22-147.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 14603
x-tos-request-id: 48f660a71c2e5ce863a71c2e-af54b31
x-tos-response-time: Sat, 24 Dec 2022 15:35:10 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 202212241923529BE5894CB9BC0D5DD8A6
etag: CPXr0NbkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=868025
access-control-allow-credentials: false
x-tt-trace-host: 0110470ab938728df0b8f0941937cce062a64070455503055738e78975a5ef55deaab43b0618cd62f0c1ad82c7dcde01e8d08b04a4d04f8cf9945e35220c267dd9e5c44f98bb72bc3791f75839dedf811ca73ed0a7a3730c758f7f462991df5096cbfb4446d940bf9857a2aa10ba9de6d8cefffe3d1dcc54eddd8028c48cc47629
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

x-akamai-request-id: bc107d.486386cb
date: Tue, 08 Aug 2023 16:41:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 91,23.206.213.13
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=4
content-length: 138
pragma: no-cache
server: nginx
x-tt-logid: 2023080816414292C51CB16FD87C5393BE
x-cache-remote: TCP_MISS from a23-32-17-37.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: text/html
location: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.32.17.37
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b625d5b4946564728f3e718f600915b1357470d80beda14ea095db099a95d97c25b780b64114df634ec48a47a7cc50c5a28d2725955cfb5a505756065a3ba043a05
expires: Tue, 08 Aug 2023 16:41:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 36B3 26 KB
26 KB 53ms
52ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gleam.io
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 07:56:14 GMT
x-content-type-options: nosniff
age: 290729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26616
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 07:56:14 GMT

GET
H2 200 upload.png
user-assets.out.sh/user-assets/2016280/MoAywB9rIcDopgXG/ Frame 36B3 1 MB
1 MB 293ms
213ms Image
image/png 104.18.8.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-assets.out.sh/user-assets/2016280/MoAywB9rIcDopgXG/upload.png
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c229b078ebde89060532783c42f44caa23f2704da00ac2524700dfe8d2e138

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
x-amz-version-id: nVjFOHvvmoqnwRneaY4j6irbJQ2ZUsTB
cf-cache-status: REVALIDATED
x-amz-request-id: P84KX35T335Q96BA
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1173678
x-amz-id-2: HDTUEj3pFXQRhwgmZH8tTRDADg1v3agYvJfkW9JyLwLrW/pK/1qWZphl2VrLEZ8tbI/g6FtKWTc=
last-modified: Thu, 09 Feb 2023 15:02:20 GMT
server: cloudflare
etag: "4fc33fd8611c3d89f6a8dd5a00dd78f8"
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f39355dee27a325-FCO
expires: Tue, 08 Aug 2023 20:41:43 GMT

GET
H2 200 avatar.jpg
user-assets.out.sh/facebook/54/ab/87328c6f577d154f0d1cae432992/ Frame 36B3 996 B
1 KB 254ms
174ms Image
image/webp 104.18.8.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-assets.out.sh/facebook/54/ab/87328c6f577d154f0d1cae432992/avatar.jpg
Requested by: Host: gleam.io
URL: https://gleam.io/psuHw/embed?l=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4ffd55dcf37f2b18c72d498d3a2314709d1f67fcaee090875e6f3824461052

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
x-amz-version-id: G_rwh_ltpBm0bvAHKpp7TAxi8U4gOLse
cf-cache-status: HIT
x-amz-request-id: HENQJQCZVHG3KHKD
cf-polished: qual=85, origFmt=jpeg, origSize=1291
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="avatar.webp"
alt-svc: h3=":443"; ma=86400
content-length: 996
x-amz-id-2: HWKtaklYVNnJQB0Y9CHRtdQDJt48q0VP0cgaNFCXRw6DTTA6gezAgqUnPQoQWb0EJ9MRQBu009M=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Dec 2022 21:51:19 GMT
server: cloudflare
etag: "7f0cda5b0ab06dc445baa65c7ff7f0c9"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f39355dee2aa325-FCO
expires: Tue, 08 Aug 2023 20:41:43 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/v2/customer/ Frame 4DF1 195 B
1 KB 243ms
230ms XHR
application/json 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/v2/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/1.8eee82b9.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da1e15e35c92eb775437aa99ab251868b1a234d1058e6d88f2e5f22f1c7f14d1

Request headers

Referer: https://secure.livechatinc.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:43 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 195
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ Frame 36B3 0
0 81ms
80ms Fetch
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fskins.cash&client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=682e4ec64ca7c3a1ff56b421756460b5

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 08 Aug 2023 16:41:43 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: NKPOm3B5dpaKEPEXr+zQhmpPDweR8rorUTutFiSAj9CoR6d8oAdWYl7upYODBgKoTJJ0ckO5OPFs7YfVZBGS8A==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gleam.io
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 7f3935530ff9a32b Show response
gleam.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A313 0
303 B 88ms
85ms XHR
text/plain 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/g/cv/result/7f3935530ff9a32b

Requested by

Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 16:41:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 7f39355efb7ca25f-FCO
alt-svc: h3=":443"; ma=86400

GET
H2 200 embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ Frame 36B3 4 KB
2 KB 58ms
58ms Stylesheet
text/css 23.48.23.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: aebfbae
date: Tue, 08 Aug 2023 16:41:43 GMT
content-encoding: gzip
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-48-22-147.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=6
content-length: 1334
x-tos-request-id: c80d2b7781c5d7563b7781c-af5401d
x-tos-response-time: Fri, 06 Jan 2023 01:23:40 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 20230107061032FCAFA6E2D2EF8DF08B9E
etag: CP6J0dbkkPsCEAE=
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1376306
access-control-allow-credentials: false
x-tt-trace-host: 01594559d62bd879d677ada348aa64fc43c24b220477d22236e1c4a58f8f84d70a5d31cd967b9c88ada99120b212aca227f3c1281cfd94501acbf6942f8b01fd171d6c78841c1adea7a2cb4a6ddf788ab88b8bfcad8d2a75395769b8311f383c12cc8a5c39a127789d2406983f5186e5cd6b416d5fe11d2a5c41ec314855bdb067
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 embed_lib_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ Frame 36B3 15 KB
6 KB 55ms
55ms Script
application/javascript 23.48.23.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: aebfbaf
date: Tue, 08 Aug 2023 16:41:43 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: 6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-48-22-147.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 5147
x-tos-request-id: 5015e4c03a65172563c03a65-af54412
x-tos-response-time: Thu, 12 Jan 2023 16:50:45 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 2023011313295432AB13B660278BF688A8
etag: CNX5z9bkkPsCEAE=
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1717863
access-control-allow-credentials: false
x-tt-trace-host: 016bbbde7ba25c584111056193f8c6017b3d2308526089f6e155025cf27f53c6229a7a1bcf8983572cd5a06f828ab0641bf253be0ac38b79c39fc3b27164b874fc3c3d34fc789eafbe8eb893c83f3774c46a138bd3629f3b6806dc2c8e4e00a13c4cf4528ad095eb966ec05618f59f0522f404b1e0de88ee311ba3b530232b7d9d
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 7179710920220757253 Show response
www.tiktok.com/embed/v2/ Frame F2C3 122 KB
20 KB 294ms
293ms Document
text/html 2.21.20.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Requested by: Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-141.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8396a0a4f5a0459c1c7840cd241058bab80dfe1b73c0d0cb063803f1f971a5d1

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 16:41:44 GMT
expires: Tue, 08 Aug 2023 16:41:44 GMT
pragma: no-cache
server: nginx
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=139 inner; dur=136
x-akamai-request-id: 686f462.48639016
x-cache: TCP_MISS from a23-206-213-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-cache-remote: TCP_MISS from a23-32-17-12.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-origin-response-time: 139,23.32.17.12
x-parent-response-time: 226,23.206.213.13
x-tt-logid: 2023080816414212672EA561A57B517599
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b625d5b4946564728f3e718f600915b1357fa60ebfbf5c305ceaead94ba5ffc5d421dd118a7b20c0ac1b4eb83f064524357be9d2f7d7033229b92b3c1e3f56ba310f310816d291c2a5dfe906b255ad317de90cb8dfee9e909ff028f35fff8f07481
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 index.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/ Frame F2C3 53 KB
16 KB 255ms
132ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21017fd31582e3295c114a03a3ae2aeb3d8608ceff8ccc4f44ffb81cfe9fdc0d

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2a5d7
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: McCDPxxiZAyb7byiG67FxA==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 15384
last-modified: Wed, 02 Aug 2023 03:34:28 GMT
opc-request-id: iad-1:iucYXs7izdSHGo5r5XvkgDMOeVg7Bu55HphZG0MI7wzkiq5VDb-9KujtSbE1AyaK
x-api-id: native
etag: 4b95ab93-61d9-4545-9689-3d6f7e243127
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 6233dd0b-dc84-4b70-9784-6013b0a4243f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:44 GMT

GET
H2 200 webmssdk.js Show response
sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/ Frame F2C3 619 KB
185 KB 173ms
52ms Script
application/javascript 193.108.153.23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-23.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 15f9abb5
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z6lb4ggvjhvby2nY7JSVRA==
x-cache: TCP_MEM_HIT from a23-54-206-23.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,23.192.44.214
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=210
content-length: 188901
x-tos-request-id: ea484068ccaa9a3e6368ccaa-abf3427
x-tos-response-time: Mon, 07 Nov 2022 09:15:22 GMT
last-modified: Mon, 07 Nov 2022 03:53:53 GMT
server: nginx
etag: "CLn13/mVm/sCEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2230118
x-origin-response-time: 223,23.192.44.230
access-control-allow-credentials: false
x-tt-trace-host: 011785d5f7af4a77e70353a0133ed909f20b10df25d40b451d7edab5fd25af910546bb1c7a28716e084aa1df3cc437c0130e9cc8468308b73200769dffa3aab5436de8e65ca025bfeb1ea64dbf668061e2bd73e97124ff0244e31b5c6871b8e1c1712f87b3ece92e19c759d7bbb2cad911
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tiktok-embed.module.6809f8f65ab9d683e231.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame F2C3 2 MB
544 KB 171ms
49ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8af933fdf42135c925a47d28b49268943fcc2c6206494a5900ced9c84d2b77f8

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2a5d4
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: vQZ+zYrkXYj6FOFQFXbWEg==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 556279
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:8dV_h5jqH61ArYhrUYVEQBsM9aY0lRYYWUaOe_ysR-2MJTFvah53DcPqwM4hafd_
x-api-id: native
etag: 49d61d55-f963-4dde-bd07-29999efeb836
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: a452b050-103f-4aa1-be5d-f1a20052614b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:44 GMT

GET
H2 200 vendors~home.module.8356b6c43da93b2ad72b.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame F2C3 156 KB
42 KB 171ms
48ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/vendors~home.module.8356b6c43da93b2ad72b.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 475c6f7d52d246e49bb5a064ffd62f6b5eb9634909cb7b6812ea1577af45786e

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2a5d5
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: qzl9BbyjSD4wE3fNMsk0Jw==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 42085
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:RMXn6P8BRaG-ccSt8KRREWTk2VogCZjICGXsRi4bzmMj1QpK0wKN26wFBrVA08Yz
x-api-id: native
etag: 1e9d715a-e68f-49da-81c7-dc57bf5f0a05
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 10eb1a90-e734-4ec9-8628-2ee42be0c312
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:44 GMT

GET
H2 200 home.module.ec043603aa2aee6a05ec.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame F2C3 118 KB
30 KB 259ms
137ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/home.module.ec043603aa2aee6a05ec.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 961c3cf02123822bb7df2ed044c2a0de85ecde83e21a5090b40da309ee59b3a5

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2a5d6
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: lQB96x3Iah34VTGVBYEu+Q==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 30017
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:z07oNGs8dM5LPvMqm2E12GDxooGVtf0Se0-JuUTmSAqNZEQRj5A8jovxoTuyxF-f
x-api-id: native
etag: 14c781ce-59eb-4a2e-acfe-1a9fddf12c53
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: a038879a-dcf9-4e45-bbd4-53952434380e
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:44 GMT

GET
H2 200 browser.maliva.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame F2C3 44 KB
17 KB 177ms
56ms Script
application/javascript 193.108.153.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba2735c9da718210b17b73fe314fd449718a4c061d685f43a04c4ddf91b3d687

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 109a34cc
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: NTERAEALDEmLR1Cs3myf2Q==
x-cache: TCP_MEM_HIT from a23-54-206-16.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 16281
x-tos-request-id: fe86a8b795e1c2d664b795e1-a36480f
x-tos-response-time: Wed, 19 Jul 2023 07:50:57 GMT
last-modified: Wed, 19 Jul 2023 07:47:05 GMT
server: nginx
x-tt-logid: 202307190751068C9EB8138B93423446EA
etag: W/"CMXWnuejmoADEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
x-origin-response-time: 70,23.222.242.197
access-control-allow-credentials: false
x-tt-trace-host: 012c794900c4d265fc2984641f07774c83649a0763c76dc2797637d8ff5131166b841e4e50cce1f67f5c289e9f98d87f2acd9ec849fbe394a96c1825d4680d952c149fc140dbf1622947387d4237e303a50114af0179f70700eaea8a3015fb78154d391be29f6226d88cfc245eb0e4dced207b353ad7a862d1448c176a64c8f58725c6724f2d9152876f0fd7ef30a10a94
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 08 Aug 2023 16:46:44 GMT

GET
H2 200 ooxmk6jCGA1EbCfAMgxIuQ7BB0YDoNtyXqdzhS
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-85c255/ Frame F2C3 66 KB
67 KB 191ms
69ms Image
image/jpeg 23.48.23.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-85c255/ooxmk6jCGA1EbCfAMgxIuQ7BB0YDoNtyXqdzhS?x-expires=1691532000&x-signature=3A%2Bt6SzaWDaPE3DsAENU3CK4%2BLo%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-132.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 2dab02f7a6b575fc683d1dad3446a900f93ba6c321eda402581b9fa6fb78eeda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: eb35b9.a837852.30928f3
date: Tue, 08 Aug 2023 16:41:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 202308080955200AA209920F0B8F125530snc4b21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a23-48-22-132.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 7,23.54.207.16, 16,23.48.22.132
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 971653
server-timing: cdn-cache; desc=MISS, edge; dur=17, origin; dur=0, inner; dur=21
x-length: 67180
content-length: 67180
last-modified: Tue, 08 Aug 2023 09:55:21 GMT
server: nginx
x-tt-logid: 202308080955200AA209920F0B8F125530
x-response-date: Tue, 08 Aug 2023 09:55:21 GMT
x-cache-remote: TCP_MISS from a23-54-207-16.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-08T09:55:21.714404278Z 17
x-request-ip: fdbd:dc61:7:166::82
x-origin-response-time: 88,23.204.146.61
x-tt-trace-host: 01a21e81d4d8a793b51e561306cb04770656115d9c36860ec9adc7758d83785b51edfd06fc51db2cf9acb51cf295ba89dc4920718cc4d1977a5a4a1ea05041c2c460a57379f0632beee7776bd7947c49e13355b11acfc2c33f2ad03285e789142086ffa9d96abb2a7116b6da63bf591c190dcd4d796048cb82c0bf61bb16550446
x-response-cinfo: fdbd:dc61:7:166::82
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
cache-control: max-age=31511572

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame 4DF1 13 KB
13 KB 53ms
53ms Font
application/octet-stream 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Tue, 08 Aug 2023 16:41:44 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: Vpwr56nO4a-mfdsjRQA3N1lOhiIsn5JZ-5L583VMoCdQwKrMU4sJQA==
expires: Wed, 07 Aug 2024 16:41:44 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame 4DF1 12 KB
13 KB 53ms
53ms Font
application/octet-stream 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: skins.cash
URL: https://skins.cash/free-skins-giveaway?utm_source=google&utm_medium=cpc&utm_campaign=eng_dsa_max&utm_network=x&utm_term=&utm_content=&gad=1&gclid=Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Tue, 08 Aug 2023 16:41:44 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: fxiNcFvoxT9I8hmwwa_kah8ZOqqGoxi-TbPFUgTBhyXFm24mgEC-oQ==
expires: Wed, 07 Aug 2024 16:41:44 GMT

GET
H2 200 core.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/ Frame F2C3 65 KB
22 KB 49ms
49ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/core.js?globalName=__PNS_RUNTIME__
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d6518513ae6fef5cb6d97c94a14dcbde416b70c2055256424f21f3e2a4d55da

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2a682
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: n+W11tRiqMnrhYjU8ZPKtw==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 21790
last-modified: Wed, 02 Aug 2023 03:34:28 GMT
opc-request-id: iad-1:qBejfkj3tAwYV3WowIv2x08ki3BG6ik5jLms9WhrR29ZjzyVnBhiWgCNLqV6xuw1
x-api-id: native
etag: 354b147d-5487-4706-81bd-519d5c38a84b
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 00268db4-e8dc-443b-bc62-f34b724cdfc0
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:44 GMT

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/6798cb0f430cfb3d020e81edbf113ad9/64d2c4b6/video/tos/maliva/tos-maliva-v-85c255-us/oAjoVYq6ol3kBjFwQNFGhBEGgBei8JbcfQHnUD/ Frame F2C3 15 KB
0 172ms
55ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/6798cb0f430cfb3d020e81edbf113ad9/64d2c4b6/video/tos/maliva/tos-maliva-v-85c255-us/oAjoVYq6ol3kBjFwQNFGhBEGgBei8JbcfQHnUD/?a=1988&ch=0&cr=0&dr=0&lr=tiktok&cd=0%7C0%7C1%7C0&cv=1&br=3250&bt=1625&cs=0&ds=3&ft=ApKJEB~lq8ZmoAJX-c_vjO.8LAhLrus&mime_type=video_mp4&qs=0&rc=ODc6ZjRoOTtlOjxnaTk6OEBpM29pZWY6ZjZxaDQzNzM2M0BjY2EyLV5eX2ExLi1hMTFgYSM2MGQucjRfXmVgLS1kLTZzcw%3D%3D&l=2023080816414212672EA561A57B517599&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 08 Aug 2023 16:41:44 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 1503995
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-2927436/2927437
Connection: keep-alive
server-timing: inner; dur=132, cdn-cache;desc=hit, edge;dur=2
Content-Length: 2927437
X-Served-By: cache-iad-kiad7000153-IAD, cache-fra-eddf8230063-FRA
X-Storagegw-Request-Id: 202306071805008401B53FF09E6B0A6518
Last-Modified: Wed, 21 Dec 2022 21:05:27 GMT
X-TT-LOGID: 202306071805008401B53FF09E6B0A6518
X-Timer: S1691512905.600209,VS0,VE2
Etag: "CMWcqcvOi/wCEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Wed, 07 Jun 2023 18:05:01 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 010927e1e4cf94693c7cb927ae2d59ffe9a0d172b6f08548ae0e4de8db4ae32d3373a143ced988060ab41eb7a7cedd237ecef00fe9fd7cd7c3315ee75d71538f7659fd52b34464c9133159d3ae169716b55d18088815ca9fd2615b869efd8b84d4
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 1, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/6798cb0f430cfb3d020e81edbf113ad9/64d2c4b6/video/tos/maliva/tos-maliva-v-85c255-us/oAjoVYq6ol3kBjFwQNFGhBEGgBei8JbcfQHnUD/ Frame F2C3 3 MB
3 MB 191ms
62ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/6798cb0f430cfb3d020e81edbf113ad9/64d2c4b6/video/tos/maliva/tos-maliva-v-85c255-us/oAjoVYq6ol3kBjFwQNFGhBEGgBei8JbcfQHnUD/?a=1988&ch=0&cr=0&dr=0&lr=tiktok&cd=0%7C0%7C1%7C0&cv=1&br=3250&bt=1625&cs=0&ds=3&ft=ApKJEB~lq8ZmoAJX-c_vjO.8LAhLrus&mime_type=video_mp4&qs=0&rc=ODc6ZjRoOTtlOjxnaTk6OEBpM29pZWY6ZjZxaDQzNzM2M0BjY2EyLV5eX2ExLi1hMTFgYSM2MGQucjRfXmVgLS1kLTZzcw%3D%3D&l=2023080816414212672EA561A57B517599&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7179710920220757253?lang=en-US&referrer=https%3A%2F%2Fgleam.io%2FpsuHw%2Fembed%3Fl%3Dhttps%253A%252F%252Fskins.cash%252Ffree-skins-giveaway%253Futm_source%253Dgoogle%2526utm_medium%253Dcpc%2526utm_campaign%253Deng_dsa_max%2526utm_network%253Dx%2526utm_term%253D%2526utm_content%253D%2526gad%253D1%2526gclid%253DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB%26r%3D&embedFrom=oembed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0f46696a81fa510716fbfacd9f2c270ddf6164e2dcad509e1868875794add61

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 08 Aug 2023 16:41:44 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 1503995
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-2927436/2927437
Connection: keep-alive
server-timing: inner; dur=132, cdn-cache;desc=hit, edge;dur=2
Content-Length: 2927437
X-Served-By: cache-iad-kiad7000153-IAD, cache-fra-eddf8230127-FRA
X-Storagegw-Request-Id: 202306071805008401B53FF09E6B0A6518
Last-Modified: Wed, 21 Dec 2022 21:05:27 GMT
X-TT-LOGID: 202306071805008401B53FF09E6B0A6518
X-Timer: S1691512905.612826,VS0,VE2
Etag: "CMWcqcvOi/wCEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Wed, 07 Jun 2023 18:05:01 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 010927e1e4cf94693c7cb927ae2d59ffe9a0d172b6f08548ae0e4de8db4ae32d3373a143ced988060ab41eb7a7cedd237ecef00fe9fd7cd7c3315ee75d71538f7659fd52b34464c9133159d3ae169716b55d18088815ca9fd2615b869efd8b84d4
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 1, 0

OPTIONS
H/1.1 200
OK webid
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 0
0 261ms
151ms Preflight 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 08 Aug 2023 16:41:44 GMT
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=10 inner; dur=3
X-Origin-Response-Time: 10,23.48.215.199
X-Parent-Response-Time: 100,2.23.208.185
X-Tt-Logid: 20230808164143DC4D1F70A7D3FF9481C8
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6255a121b1ceb293e8cc0eab15ddd2b41e44659628b58bdc548fd665e5d7e3fb050c955c0e1b85b31a89120e55544b4cbe190d2b3ac83e4b39ccf45d7dd8262efbed42ba2c31edc54c17d71ee83c43f53ce82fde404d43f5b67bd81838832674a9
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK webid Show response
mcs-va-useast2a.tiktokv.com/v1/user/ Frame F2C3 58 B
968 B 164ms
163ms XHR
application/json 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5f1b7c160140627d80a8d4b4fb518b29e75f8b96c15cb40affa187acccf4732f

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 08 Aug 2023 16:41:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 111,2.23.208.185
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=16, inner; dur=9
Content-Length: 58
Server: nginx
X-Tt-Logid: 202308081641439D62CAC222F42997318A
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 16,23.48.215.166
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6255a121b1ceb293e8cc0eab15ddd2b41ec263bf296ab645d40af28f998add7ecef7196193bdf7747cb3979d1f37093f910436737169a61e7811ba35a3f2fd0068e20ce0c49a6a2f19cecc58e35c14fceb1ae5d7f9484890b579c9093934c06de5

GET
H2 200 devtools.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/ Frame F2C3 4 KB
3 KB 48ms
48ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/core.js?globalName=__PNS_RUNTIME__
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2a6fd
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: SBOqY3b5/4rueltCkuSr0w==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 1706
last-modified: Wed, 02 Aug 2023 03:34:27 GMT
opc-request-id: iad-1:n-vnxxPACOWv8i3JTSYYGCM2a7EkNOagloFpVLLt6dKm0VXX87y_xPJaJluov-gA
x-api-id: native
etag: 8f8dbfdc-a676-4e7b-9fc1-307c05a35f32
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: a555034d-c2e4-48e3-99ef-e2fd35574654
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:44 GMT

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 311ms
156ms Preflight
application/json 147.160.183.35
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.183.35 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 4cdb949dc7ac26cf9062948b5d90900b
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Tue, 08 Aug 2023 16:41:44 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=86, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691512904892103
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com
x-tt-logid: 2023080816414324F33C54A3B313393602
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b62a4b1e206c9a0df6ee896377b59746752bd8ba5f5a5b1a27aeec3debd071b5d7fe34609e2aa6b3d6ad7a69109f992ecfee07ce9f5583739da55cb951dd9e900d33e66cec299d30bd5f51c18f101b28ad6
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame F2C3 1 KB
1 KB 267ms
143ms XHR
application/json 147.160.183.35
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.183.35 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

0c1d87db404fb4c022b626af54fa12bd6d48774122a46d27471ec933e33a2742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 16:41:45 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691512905162842
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=83, edge;dur=2
server: Tengine
x-tt-logid: 202308081641440B3D730FE5A0493F7EF6
x-outhost: mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b62c28a5cb0fd92fbe57220feef5b1c55f6fcee9cc2c9da8df901439bca25df46123dcb10523667e9b426e61def3530eb02398cfd7f2076163ff1d925b97ef5aab1c366d988932e585920ae8efe7531fc9d
access-control-allow-headers: Content-Type
bd-request-id: 567cb25b76c831f289b1fdb9bd7b655c

GET
H2 200 common-monitors.1.8.2.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame F2C3 20 KB
9 KB 149ms
52ms Script
application/javascript 193.108.153.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.8.2.js
Requested by: Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a7837ef50c4e0f020f85c0e2c65d2adea8c04572ff75f615ffe1fb63eebe7132

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 109a35e1
date: Tue, 08 Aug 2023 16:41:44 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 3sjW9GSXqca03/TiN8q+XQ==
x-tt-trace-id: 00-955e7bd71062007671845046066204d1-955e7bd710620076-01
x-cache: TCP_MEM_HIT from a23-54-206-16.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 7763
x-tos-request-id: b2ac4cc1e2d1f19064c1e2d1-abf365a
x-tos-response-time: Thu, 27 Jul 2023 03:21:53 GMT
last-modified: Wed, 19 Jul 2023 07:47:05 GMT
server: nginx
x-tt-logid: 20230727032223DD45F381124EABB8AF80
etag: W/"CIaGn+ejmoADEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
x-origin-response-time: 87,23.201.44.191
access-control-allow-credentials: false
x-tt-trace-host: 01b8294c439316d1decdfb8be614095102fe0bb2994e8c15272e95d8638b879018c333c4633558ad6a4841eb513786d8b3d390d2f8adcbf9faab9d8f5ba31f9ba96225d966cf8716759d0721872e711ce12e8f8ebb2c5216d8f1b311304d68689227ecc1a091339a9eb1df72641e1c3ead3d648d63c8662db274bba952e9c399bb
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 08 Aug 2023 16:46:44 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1611842401&t=adtiming&_s=2&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&ul=en-us&de=UTF-8&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5518&pdt=270&dns=0&rrt=1&srt=356&tcp=0&dit=973&clt=973&_gst=604&_gbt=1046&_u=YEDAAEABAAAAgCAAI~&jid=&gjid=&cid=1123997351.1691512900&tid=UA-77131735-1&_gid=333573546.1691512900&z=1608583393

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 19:03:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77898
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 19:03:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77898
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 0
0 262ms
150ms Preflight
application/json 2.16.241.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 60
Content-Type: application/json; charset=utf-8
Date: Tue, 08 Aug 2023 16:41:45 GMT
Expires: Tue, 08 Aug 2023 16:41:45 GMT
Pragma: no-cache
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=4 inner; dur=2
X-Akamai-Request-ID: 2519796d.2af0d9f9
X-Cache: TCP_MISS from a2-16-240-145.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Cache-Remote: TCP_MISS from a23-220-104-199.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Origin-Response-Time: 4,23.220.104.199
X-Parent-Response-Time: 98,2.16.240.145
X-Tt-Logid: 20230808164144B591E28FFF4BBB3C78E9
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b62fcac830e4a9f41c165b2e72e8ebc317f78564faae539e722a4bf0b04968172a2a19cf997d4cde10ef9e9537262fb8543d7caa657f40a610c09f022e9aa1fdc23829e4e00f07b931fd4fd6bd51fa24dbc9c4deecec9deb8652202751e10621b79
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK / Show response
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame F2C3 553 B
2 KB 163ms
162ms XHR
application/json 2.16.241.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID: 251cdd84.2af0dba5
Date: Tue, 08 Aug 2023 16:41:45 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a2-16-240-145.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 102,2.16.240.145
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=13, inner; dur=6
Content-Length: 316
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20230808164144B591E28FFF4BBB3C792A
X-Cache-Remote: TCP_MISS from a23-220-104-199.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
X-Origin-Response-Time: 13,23.220.104.199
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b62fcac830e4a9f41c165b2e72e8ebc317f78564faae539e722a4bf0b04968172a2a19cf997d4cde10ef9e9537262fb8543d7caa657f40a610c09f022e9aa1fdc23fb7aba49010e4659741806d2c3f5f15230d851a0d3cacfa3f297231259c16d80
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Expires: Tue, 08 Aug 2023 16:41:45 GMT

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 144ms
144ms Preflight 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 08 Aug 2023 16:41:45 GMT
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=4 inner; dur=2
X-Origin-Response-Time: 5,23.220.104.198
X-Parent-Response-Time: 92,2.23.208.185
X-Tt-Logid: 2023080816414411E207E94114358E6745
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6255a121b1ceb293e8cc0eab15ddd2b41ea0daf592dfcac42424b8c356e4ec30b81a15963211c1e3994b4ad14987e9449e56ed407969f49fb6108b1f79f803989c3cacdaa11b12beae98648788db8ad45bc4539d0f1468b57b69c0bbab846bb61c
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame F2C3 21 B
1011 B 143ms
143ms XHR
application/json 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 08 Aug 2023 16:41:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 92,2.23.208.185
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=2
Content-Length: 21
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308081641443FDB33E5E8AFF1862AED
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 5,23.220.104.203
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6255a121b1ceb293e8cc0eab15ddd2b41edd16459808dc90daeb6fb93d865b0bff720b9d1a06b80c6f119b29bfdee4492170b6dc6b3a9a85ac896bf211408ee8f15f1338dbb7db54ce21417d972b1d89fac303fa4237ef9b095ffe19332124e59b
Expires: 0

GET /
www.tiktok.com/api/recommend/embed_videos/ Frame F2C3 0
0

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame F2C3 0
0 260ms
162ms Ping
application/json 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame F2C3 0
0 252ms
151ms Ping
application/json 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
DATA 200
OK truncated
/ Frame F2C3 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 55ms
55ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-37FE33434K&gtm=45je3820&_p=1611842401&cid=1123997351.1691512900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1691512900&sct=1&seg=1&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&en=page_view&_ee=1&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37FE33434K&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK resource Show response
mssdk-va.byteoversea.com/web/ Frame F2C3 223 B
2 KB 443ms
191ms XHR
application/json 80.67.82.49

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/resource?eq=CyZ713JYEcCxNi2OvlAE3l2J9aAcQXGOJquxkloomtrdZ1Sl4ELHcMrJgnT-DetUMoEz9EB5VnmMHwsN24wKBxJVavQRiOa3
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 80.67.82.49 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8a735e43d23f2ca4b3c6402d0978efc5626a89887f000723474189c20fe94fda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Akamai-Request-ID: 494290ae.4fcd8e
Date: Tue, 08 Aug 2023 16:41:45 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a80-67-82-45.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
X-Parent-Response-Time: 140,80.67.82.45
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=30, inner; dur=28
Content-Length: 230
X-Ms-Token: CbtJ9UYIhttke-bN69s7-AxMKZaUBeNQzeOqAydBiZ8eAwGtFWdehf9mULm3Vjy-vxCUjLxhBzTACfQI38c2q7tGgOImYc5CMVAYF-oX8dE=
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20230808164144E749B1E4A78B41271D4C
X-Cache-Remote: TCP_MISS from a23-218-220-150.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 30,23.218.220.150
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b62be015cac6642aaf9998275d051a80d573ea67c241b2068d96ce9040af23e911364a2e9aa37c2e74899bb1c05a0502d44540ec4c6b13f1533e7ffe5dff1c8cf8fdb08e8b39e73816806a6a6d3a670b410a56f1b1ef76c685f9dabce76bf0aeab4
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Tue, 08 Aug 2023 16:41:45 GMT

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 143ms
143ms Preflight 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 08 Aug 2023 16:41:45 GMT
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=4 inner; dur=2
X-Origin-Response-Time: 4,23.220.104.199
X-Parent-Response-Time: 92,2.23.208.185
X-Tt-Logid: 20230808164144578BC860881B07B885AE
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b6255a121b1ceb293e8cc0eab15ddd2b41ed7e66c976a5d84e165edc29e9c77e8bda45e21706713a04033e324b2e90c282ce671002214038a2f93aa36e23fdbe3fc951524ba993927d371454bfe3aa6e2e540dbc85d209202da91488db4d4ac8c4e
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame F2C3 21 B
937 B 140ms
139ms XHR
application/json 95.101.111.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf

Request headers

Referer: https://www.tiktok.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 08 Aug 2023 16:41:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Cross-Origin-Resource-Policy: cross-origin
Server-Timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=89
Connection: keep-alive
Content-Length: 21
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20230808164144E66FB86A07ECE291F593
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 89,2.23.208.185
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b621dffc01d17780d3b8b4590a74c52e74b72b2071f68f91554628e0d595d8bdc2adc4f906b73666c6205b0b4b92db5ef890f1689ff543c55f9976dfaf88913c0d358be219c56871b2bf7b7e00aed8e1799
Expires: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 55ms
55ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XB05MSCPSD&gtm=45je3820&_p=1611842401&ul=en-us&sr=1600x1200&cid=1123997351.1691512900&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB&dt=Giveaway%3A%20Get%20Free%20CS%3AGO%20Skins%2C%20Rust%2FTF2%2FDota%202%20Items%20%7C%20Skins.Cash%20%7C%20Skins.Cash&sid=1691512900&sct=1&seg=1&en=page_view&_ee=1&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XB05MSCPSD&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://skins.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 16:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://skins.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webmssdk_ex.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/ Frame F2C3 409 KB
130 KB 168ms
50ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Requested by: Host: sf16-secsdk.ttwstatic.com
URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2ab83
date: Tue, 08 Aug 2023 16:41:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JOY5i10QgUHN/Pm1oN7JQg==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 3,23.33.32.239
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 132588
last-modified: Fri, 16 Jun 2023 05:21:54 GMT
opc-request-id: iad-1:4v8yN94Krvu21A_UsHSXUfiyYBd8Zqh_suW2OY39t5Tqt7S-zCMA7ZikOf0oQFRj
x-api-id: native
etag: e40a7621-2775-455f-b406-bb1cc47ba38c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 95f3a350-ab1d-468d-b639-5b320546947c
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:46 GMT

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 154ms
154ms Preflight
application/json 147.160.183.35
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.183.35 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 5b2ff55f7f7f1787f05ce6332175cca1
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Tue, 08 Aug 2023 16:41:46 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=84, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691512906363909
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com
x-tt-logid: 20230808164145F5FDA5315531F23048B7
x-tt-trace-host: 016d9baba067368a7d99681d4479d20b62a4b1e206c9a0df6ee896377b59746752cf35c3dd0060e5a188e38c3bdb7546c61087f041aa489c9b8dd411f02f1e20e4bf93782545a47b35672ba40d4653c34ac351a366cb8b9e55499dd497ea07aea8
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net

GET browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame F2C3 0
0

GET
H2 200 common-monitors.1.5.0.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame F2C3 19 KB
8 KB 48ms
48ms Script
application/javascript 23.0.174.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.174.249 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-0-174-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ee2abf7
date: Tue, 08 Aug 2023 16:41:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: lJMNanjiQY7KAJ1oFCsUBQ==
x-cache: TCP_MEM_HIT from a23-0-174-245.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 7318
last-modified: Wed, 15 Feb 2023 03:17:11 GMT
opc-request-id: iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF
x-api-id: native
etag: f69b14ef-715b-4897-9d2b-f2811c896f09
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: bf1061da-7f62-45be-8168-83d7b672961a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:41:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: skins.cash
URL: https://skins.cash/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A42%2Cr%3A403)

Domain: www.tiktok.com
URL: https://www.tiktok.com/api/recommend/embed_videos/?aid=1284&count=24&secUid=MS4wLjABAAAAe2TWi3qMRLH9VtNJ5YY7bKiN2yNtwDXIzEaubp0NQUtRT44flaA3IsXThda4oB8g&lang=en-US&msToken=&X-Bogus=DFSzswSOqZXANVTQt95ysPVeovgF&_signature=_02B4Z6wo00001Xif7IAAAIDA9hIqNnu.bhV4n-gAADr595

Domain: mon-va.byteoversea.com
URL: https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.googleadservices.com/pagead/conversion/862043340/	1970-01-20 16:01:28	Name: Conversion Value: EgwIABUAAAAAHQAAAAAYASCi1vqx4NvOvKgBSAFqXENqMEtDUWp3ejhlbUJoRHJBUklzQU5OSmpTNmtuOThnSGhReWc3NnYwSzhmSGNvbXFQSmxtalhaU2hYaFJtNHBRV1RLT1c0OTdnTWtIbndhQWlnVUVBTHdfd2NCcL3Qr73AzYADkAGPx7HVxBGYAQA
.accounts.livechatinc.com/v2/customer/token	1970-01-20 23:27:52	Name: __lc_cid Value: 2a5ed1f1-34b8-4d91-b8ed-a0f24e415fa0
.accounts.livechatinc.com/v2/customer/token	1970-01-20 23:27:52	Name: __lc_cst Value: 2d4353915e94062c486d4f8180fcfe08748ae786d354d513b383f794d34fdc46cad5e7a0787249a491402775346ca82b2712216076bc1375c87367486e6f
.accounts.livechatinc.com/customer/token	1970-01-20 23:27:52	Name: __lc_cid Value: 2a5ed1f1-34b8-4d91-b8ed-a0f24e415fa0
.accounts.livechatinc.com/customer/token	1970-01-20 23:27:52	Name: __lc_cst Value: 2d4353915e94062c486d4f8180fcfe08748ae786d354d513b383f794d34fdc46cad5e7a0787249a491402775346ca82b2712216076bc1375c87367486e6f
.skins.cash/	1970-01-20 22:36:23	Name: visid_incap_2425792 Value: pSS/9wyxShm3Va9kYSuXOkJw0mQAAAAAQUIPAAAAAADbGGMMp7bLG5Cy+sOEx1rg
.skins.cash/	1969-12-31 23:59:59	Name: incap_ses_1574_2425792 Value: agUFSH+jpC4OE2/kEfnXFUJw0mQAAAAAyoKu8QxUYhr+90eP/UnxYQ==
.skins.cash/	1970-01-20 16:01:28	Name: _gcl_aw Value: GCL.1691512900.Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
.skins.cash/	1970-01-20 16:01:28	Name: _gcl_au Value: 1.1.1172912755.1691512900
.skins.cash/	1970-01-20 16:01:28	Name: _rdt_uuid Value: 1691512900198.71abf1d3-8ef5-4850-9dfe-53ce4f8860a1
.tiktok.com/	1970-01-20 23:13:28	Name: _ttp Value: 2Ti58ONEEnUZa0UUj3kfaChQB7l
.skins.cash/	1970-01-20 13:53:19	Name: _gid Value: GA1.2.333573546.1691512900
.skins.cash/	1970-01-20 16:01:28	Name: _gac_UA-77131735-1 Value: 1.1691512900.Cj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
.skins.cash/	1970-01-20 13:51:52	Name: _gat Value: 1
.skins.cash/	1970-01-20 13:51:52	Name: _gat_UA-77131735-1 Value: 1
.doubleclick.net/	1970-01-20 13:51:53	Name: test_cookie Value: CheckForPermission
.skins.cash/	1970-01-20 23:27:52	Name: _ga Value: GA1.1.1123997351.1691512900
.skins.cash/	1970-01-20 23:27:52	Name: _ga_37FE33434K Value: GS1.1.1691512900.1.1.1691512900.60.0.0
.skins.cash/	1970-01-20 13:53:19	Name: _uetsid Value: 732edd70360a11ee996011d65283011d
.skins.cash/	1970-01-20 23:13:28	Name: _uetvid Value: 732f5160360a11eeadcb53e9ab61dd0e
.bing.com/	1970-01-20 23:13:28	Name: MUID Value: 14E492A1668767A92BD481C667F06623
.skins.cash/	1970-01-20 23:27:52	Name: _ga_323095743 Value: GS1.1.1691512900.1.0.1691512900.0.0.0
.onesignal.com/	1970-01-20 13:51:54	Name: __cf_bm Value: q9WntJOqYrqI9PwZafzWAFBdbNXMKCokmXKGDKfxHcQ-1691512900-0-ARV6JmNyDOgjNUy/ytJ1Rqc2S0Qa/Utmk+Dc/RJnCMd2KAwZQjibayJhe8DBJBucrPI0j6CBmpAyBjZITeli/8k=
.skins.cash/	1970-01-20 23:13:28	Name: _tt_enable_cookie Value: 1
.skins.cash/	1970-01-20 23:13:28	Name: _ttp Value: o9_8qAnDjgZ0B3xn4Bhvqeylret
.skins.cash/	1970-01-20 23:27:52	Name: _ga_XB05MSCPSD Value: GS1.2.1691512900.1.1.1691512900.60.0.0
.skins.cash/	1970-01-20 16:01:28	Name: _fbp Value: fb.1.1691512900918.96320991
.skins.cash/	1970-01-20 22:37:28	Name: _hjSessionUser_3297316 Value: eyJpZCI6IjUyMDBhMmM0LWY1YTItNTU0Ni04MGRlLTJhOWY4ZmM1NjI4ZiIsImNyZWF0ZWQiOjE2OTE1MTI5MDA5NTMsImV4aXN0aW5nIjpmYWxzZX0=
.skins.cash/	1970-01-20 13:51:54	Name: _hjFirstSeen Value: 1
.skins.cash/	1970-01-20 13:51:53	Name: _hjIncludedInSessionSample_3297316 Value: 0
.skins.cash/	1970-01-20 13:51:54	Name: _hjSession_3297316 Value: eyJpZCI6IjVlOTVlMmEzLTNhZjMtNDQ4ZS1hNDllLTAyMTNiODAzZjBmNSIsImNyZWF0ZWQiOjE2OTE1MTI5MDA5NjEsImluU2FtcGxlIjpmYWxzZX0=
.skins.cash/	1970-01-20 13:51:54	Name: _hjAbsoluteSessionInProgress Value: 0
skins.cash/	1970-01-20 14:06:16	Name: currency Value: %7B%22key%22%3A%22EUR%22%2C%22value%22%3A%22EUR%22%7D
.skins.cash/	1970-01-20 22:37:28	Name: AMP_040eab5d37 Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjc4ZjZiOWYzLTA5NWMtNGNiMS04OGNiLWEyZjVjMTNhNjhlNyUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjkxNTEyOTAxNDAyJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY5MTUxMjkwMTM3MyU3RA==
.gleam.io/	1970-01-20 13:51:54	Name: __cf_bm Value: XmyTAvLpZz7NLvFQYwizIXv3ZcK37x3UdDDh8JYMj_M-1691512901-0-AVhV7c+l/MBkWu6Uy0N0y19VwHdV/hwe6XoK94/fouZkKHCv7glfpLwGFg4AFxnCKo9TGXSnRvO2Q2y13iPKbSc=
gleam.io/	1970-01-20 13:51:56	Name: PP-psuHw Value: *
gleam.io/	1970-01-20 13:53:19	Name: owner_token Value: 1_kkTItVbkY38nsrOXPn2w
gleam.io/	1970-01-20 13:53:19	Name: RL-psuHw Value: https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
gleam.io/	1970-01-20 13:53:19	Name: L-psuHw Value: https%3A%2F%2Fskins.cash%2Ffree-skins-giveaway%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Deng_dsa_max%26utm_network%3Dx%26utm_term%3D%26utm_content%3D%26gad%3D1%26gclid%3DCj0KCQjwz8emBhDrARIsANNJjS6kn98gHhQyg76v0K8fHcomqPJlmjXZShXhRm4pQWTKOW497gMkHnwaAigUEALw_wcB
gleam.io/	1969-12-31 23:59:59	Name: _gfpc Value: t
gleam.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: I62jvSqQFaXDIi8MB8e6WS6SYSlM683d6TXrMIr354J3uCJTa4VJWuCh7QZkF21E6PUWXzoBtK--mnhdlxfHGw
gleam.io/	1970-01-20 14:32:12	Name: _app_session Value: P41v%2BARXMGQjjlqMy5cCmimdNUhyVGFdQToZf%2FqMZKmiUFWSJynOzyY2wzxqrx1huL6%2FgwkZGTQKu52NPjnKK%2Fhoop1ZD9tBpHc4ilF7qPwV%2BXwIxFbs%2FH%2BLiUUkqQ6K1G%2BjhB%2BQMoPUKMQarwAOStyzWSjS0VkJy5i5wwbaxIlFHj9%2BibrC%2FSCGjD%2BhykgypYUzC4%2BVaGBWWEs6KSj8v5ccU4jtaFEbIcVh%2B1XHI7%2BEh4Y%2FbEai3C39gbq7KfR4WaFUbdbiHJnX0jfdke1qmTXKo75z2gj2Oy%2FVkrrhTRyehG78tjIGp64g--Evm4cRF5zqXLP1Jl--X0Z0tMj97OscBNbzO3Nklw%3D%3D
gleam.io/	1969-12-31 23:59:59	Name: fpr Value: fd3cb7922f52e79411224c9c88db4a5f.7654f61f3383e1f33d44d36dfe33f003
.skins.cash/	1970-01-20 22:37:28	Name: AMP_MKTG_040eab5d37 Value: JTdCJTIydXRtX2NhbXBhaWduJTIyJTNBJTIyZW5nX2RzYV9tYXglMjIlMkMlMjJ1dG1fbWVkaXVtJTIyJTNBJTIyY3BjJTIyJTJDJTIydXRtX3NvdXJjZSUyMiUzQSUyMmdvb2dsZSUyMiUyQyUyMmdjbGlkJTIyJTNBJTIyQ2owS0NRand6OGVtQmhEckFSSXNBTk5KalM2a245OGdIaFF5Zzc2djBLOGZIY29tcVBKbG1qWFpTaFhoUm00cFFXVEtPVzQ5N2dNa0hud2FBaWdVRUFMd193Y0IlMjIlN0Q=
accounts.livechatinc.com/	1970-01-20 13:51:52	Name: __oauth_redirect_detector Value: counter=1&t=1691512933&tag=38d5c27b989c4f9ee4c4f5ac81b443c95fe41a86
.gleam.io/	1970-01-20 22:37:28	Name: cf_clearance Value: J0N9s3.plwikbMlAicAkW3_O0XDuPEhY9u4a_vJnm1Q-1691512903-0-1-6b64a146.84da4f0f.d3718c6e-0.2.1691512903
.tiktok.com/	1970-01-20 22:30:16	Name: ttwid Value: 1%7CtU_xpeTvxybIzYzHhpTGo9rzhnkahcxiR0hgG3xTtf8%7C1691512903%7Cbfaf0ead753338b1a07f79f5d9b33eb7e8b92de9444607e23afd3c11e92f862c

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://js.gleam.io/psuHw/embed.js?no_button(Line 431) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://cdn.livechatinc.com/widget/static/js/iframe.05de64dd.chunk.js(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript	warning	URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js(Line 3) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
adservice.google.com
alb.reddit.com
analytics.tiktok.com
api.livechatinc.com
api2.amplitude.com
bat.bing.com
cdn.amplitude.com
cdn.fraudjs.io
cdn.livechatinc.com
cdn.onesignal.com
cdn.skins.cash
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gleam.io
googleads.g.doubleclick.net
js.gleam.io
ka-p.fontawesome.com
kit.fontawesome.com
lf16-tiktok-web.ttwstatic.com
mcs-va-useast2a.tiktokv.com
mon-va.byteoversea.com
mssdk-va.byteoversea.com
onesignal.com
p16-sign-va.tiktokcdn.com
platform.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
secure.livechatinc.com
sf16-secsdk.ttwstatic.com
sf16-short-va.bytedapm.com
sf16-website-login.neutral.ttwstatic.com
skins.cash
static.hotjar.com
stats.g.doubleclick.net
user-assets.out.sh
v19-web-newkey.tiktokcdn.com
vmweb-va.byteoversea.com
widget.gleamjs.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.redditstatic.com
www.tiktok.com
mon-va.byteoversea.com
skins.cash
www.tiktok.com
104.18.20.100
104.18.215.59
104.18.22.52
104.18.30.181
104.18.8.67
13.227.219.71
142.250.184.194
142.250.184.228
142.250.185.98
142.250.186.42
142.250.186.66
142.250.186.67
142.250.74.206
146.75.118.113
147.160.183.35
151.101.129.140
151.101.65.140
157.240.251.9
157.240.253.35
172.217.16.142
172.217.16.200
172.217.23.99
172.66.43.179
173.194.76.155
193.108.153.16
193.108.153.23
2.16.241.209
2.21.20.141
204.79.197.200
216.239.32.36
23.0.174.249
23.36.162.25
23.36.162.71
23.36.163.100
23.48.23.132
23.48.23.147
45.60.242.147
52.222.139.110
52.222.206.178
52.36.228.142
65.9.66.58
80.67.82.49
95.101.111.185
95.101.22.227
028143c1216923bd303c7bd4741cccdc294b05332879525b17cd1f133349654b
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
0c1d87db404fb4c022b626af54fa12bd6d48774122a46d27471ec933e33a2742
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
10406a51a40246d0f785ed9e3f2d7f92bbf17ab07407fec8649afbad4c06d106
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019
112e05fe003979b6152cb315f94a4d18cf9a44ae6211f4ad3aab28c987615ef6
124eb31e3e36a811643657dd9e25185f6bcb8aa81f17fddc727195326b3f58b0
1a12f95a273361e520e2d56f132ededd6aba7c5e4d505342ef84687cae4b922d
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1cc3258d5c96bd0efe5ab7f3819d85db43c2d44cf10dd3b5f52fb666df7ff0cc
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
1f4ffd55dcf37f2b18c72d498d3a2314709d1f67fcaee090875e6f3824461052
2087bdc45f5733349ee3edb7ee302875e0cae18648d2eb8eed7956c962ac4213
20e498546752a07e5b98f3253d5fe4005a1ca499cffaacc771375db7c009ce19
21017fd31582e3295c114a03a3ae2aeb3d8608ceff8ccc4f44ffb81cfe9fdc0d
23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63
24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
29b29ed990b211e6aed56f55fe2228c7a6ebbca519a199d8a404f6af5744d9da
2a86bf5eb3215213e14be00861332f1a3975250da5c8e08b0c5e061e8bc8730f
2b8b7581b238a45d2d35cba26461e26f7e8eef5e2bdd637a97800d341758a9e0
2dab02f7a6b575fc683d1dad3446a900f93ba6c321eda402581b9fa6fb78eeda
2f099551678e77ad51b11aad6ad51cd8ad323f806f0298cd9834241f9cd11e80
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9
30d35105d135a54e177fb6ed77522aad4c17f8df120acf078f6ebc27a7c1455b
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
31331cf072ee923d20b4b8fac9cefa019b25d3bad1b1a09daa14843b27f28a25
3673d0c77e38731d215bae02d49b72ffea27fe6bf411f9f9ca971ba0704012d5
372b2de1dbdc8aeace455198b83cf6c0751a0a089f42b2e13bb950f75ff3668e
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08
40b7534375e2314a457cd48eb6b3d81b229d137a59a2527e85e998b2e21a8642
41793d9f4076b4282314eb417ca9d9e7e2af0449e41e7164347686e7bed9a2f5
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
46f3d4072f066f625499660807f42d009b98109322c78bd1f85bbe06d80d886c
475c6f7d52d246e49bb5a064ffd62f6b5eb9634909cb7b6812ea1577af45786e
47815943536bbba83e08683db5181d7fa13f6adcbd369db739081bf5e084dbb6
4945624bc5b9fce976af5d7da0e2ae72be767bb0bb14d585e6a457acfc65af7e
497b96002443b56e2078ed0ecf7cc427a9c3d5b81ebe7e44da24f17592488a4c
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
4ad201b8c20118aa9c3282250c854d6fbfa3514577a80cda8e2c7e4d4f5cc10b
4fa23074f33b629c8ac65755963e5edf567d5677bbc840534a1ff39ec0fe5d9f
50ac4e65f88ba93ebe32ce8c459af39549fc11acea0f9cfc53dd5baf9b0090aa
51827b027f755bde8d532318d7474bcfad2ac91e0c473caf5723510b10ba44a0
5556656f7427c3ed1b1793db0a0ae6ae349b25d1be0c2ffd88cbe784f5c463cc
59f52e48a00925cde85b827d94490fc6af4db1a3187b0e50611f513d08c63e8f
5a83ed1f01ec22527c19a4447613ea01ddec093f6505257575b1c183323479a3
5d6518513ae6fef5cb6d97c94a14dcbde416b70c2055256424f21f3e2a4d55da
5e9388e9b4bc739a8257f48eb8f055791c30cd27485e4ceb3a3c77ed1eac2433
5ee8cdbff8f0c9bbf4d9dd17c0611e98c11f70f22176377bd10d65beb0952410
5f1b7c160140627d80a8d4b4fb518b29e75f8b96c15cb40affa187acccf4732f
600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab
61bc6a37f51d0b7eec6b50f62c51b9ab8fef483f5002268712a53fece9c0fc17
656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713
6703613ee782790dd723b3096e965d2a7f7a29f14a27a857cd4350421954caca
69c229b078ebde89060532783c42f44caa23f2704da00ac2524700dfe8d2e138
6f5984e9741ce26c39b3de01d3e4cb5241c8a9b1c1f2b89558ba9cb4a6da765a
722aae222ad1a22f05251999adbe50617c12e92ff218c4999f743f9a3698f776
730e4ef49515500576128b8115a1d558fe3617c2e923f5aceb77e08eb81eb99b
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
7711541e8b44a4543b4595f6802ff82df3ad7cc6738279dfa929afb58448527d
787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf
7c29e06618dc90b2586a5d7bda20cb7a02a4b4d3fcc27d277d9d966f566910f6
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ee3a95b764da2023d901d4ade4a2e890cbaad5c7fa9d594b2336a382edae209
7f9230751f2f93949799cd53bbfd0a05becb058541f87dcb1a0da4abade5c507
818d8bc60c43d9fc536680779302b6e5f7530bd8dc8c3becd6efe927c00e8564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8396a0a4f5a0459c1c7840cd241058bab80dfe1b73c0d0cb063803f1f971a5d1
8446749b9dd56cb9024f4d7179c49de3b1162c8625d11d225d4c604cefa5a8e7
853980f5e115fb1859de1f06dcb9f11153c355f85d58713ff48acc53d4c242d3
872377e2a20ee76da1af7041b9a58a8a9f9770c24d6e1dfb54f2f21bb15c1912
895f3740444229279a90a0cad4551410a2ea285de9654be552f579b5f5444098
8a735e43d23f2ca4b3c6402d0978efc5626a89887f000723474189c20fe94fda
8af933fdf42135c925a47d28b49268943fcc2c6206494a5900ced9c84d2b77f8
8dea1d3a2fedce3a256daaedfcd000d1934f8294528d15adc4daba6a184d992a
8f1fa4d91ddc0c35388c1a9bbc2e6538b7c513c7264cf2720f7a6bc8de24c1ce
9284ea2de0444c6d5ea101e16f22267cce4e79e34a879246cc9de12a6f726885
945dabdf258bb5bcdd0853c0bab9da74b6f6d5036b97f774a7d2850e1679ae0c
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
961c3cf02123822bb7df2ed044c2a0de85ecde83e21a5090b40da309ee59b3a5
9837b15da4f9bb0f312eade52d306fa611ff2ce38faa7d601e816fa22f73ca5f
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
a02463f2bb7cd0089713b4a275387056441e1465d3520d9251a9cecabf206cf9
a0f46696a81fa510716fbfacd9f2c270ddf6164e2dcad509e1868875794add61
a7837ef50c4e0f020f85c0e2c65d2adea8c04572ff75f615ffe1fb63eebe7132
a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9
a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59
a9fe7c75a1ee86bed392daeb618dddf8a5e064181d4637f7fb66e26d4ffc3282
ab1d861f40e0b7a2773c61b30eaa39ba2af3d479aebd83dd7e03161de0e25298
ab5d750020edf9a78ad50fa1cd855932637fe0d503f7f134cd8c433153f5197b
adef62602f3fefd4e6f1d58bef7ff97640f6a52b55cc379d67ee4a283f3ac0b6
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af5914cce5bb215cc415cfdae012209479244929002c7691ec6c4ecd76aa3b22
afc7e434e07193c2b97d1c4f0dbed040f613bad205bba9ebdc26d342fc698cd5
b25557594383715049a812046f215c093e9e736386b66c00cb52f9a140e2dfab
b41d08b78cb7bc162f24a8a39ca51d0a49d8fa2295450ab107cdc3fede10ed07
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
ba2735c9da718210b17b73fe314fd449718a4c061d685f43a04c4ddf91b3d687
bccfc89a3ffa4a3d35daf5f1691f1da60da5445a1271291f4d8de04ff728f5d2
bd94de722b1a9a41b2998d9765e9013f242ca01fa545de5f1ed4dbf3a47abdcc
be6055153370002a78a8fa734e28b81a566e49855686b500cbbf8d42129a38db
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c0de7834b19f3304a0d98c9b6c955d46cb82f55dd46ef11a0a26a570d2bdc76c
c5794d1ef74910c4b1464df9af33cb9224db904aec7832b27ef9ca5a431318ae
c5e1fb2beae42d1bbb86ce9efcaa70ca20a9a1f06e151c4eb6648d068365db8e
c656a59862f316ee6c63faa82bd723de097311eabe361c05daaaed16bd04f865
cabe63a253de1fa09f8713dcaa367f34ab355b5081147c9b18a5e56563728892
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d354b92cc50e26da3614dc045836c906802bd58876e9759d4884320874e203fd
d41adeb27e8ff4ba3e91ba8f2e4a280ad3bd0b35627edb5d7404e57d5cc81add
d7c5f02b9dc1353e2fe5c53eb2a01c91fe40e891acc57f22b6bc7fb94d08097f
da1e15e35c92eb775437aa99ab251868b1a234d1058e6d88f2e5f22f1c7f14d1
da5a851abbf863d56abd6ab9d985f764cb7f183ec1e3d6e00e81d53e3254009a
dd20a5ae445a0c34086b9a504c099ecfe640c1dc0d9d97b5911e10df7ac46961
dd5b2c9cc465a9dbd061a8a8f1216a9e9487ae63b7fd08857d8908a8aaf11ce7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e190647cd2e0b0a82b5eb057ba5491e8ade873a48066512defaaef423eba1793
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b94100fca4474cf0d4d6cd97bd81d19ed1972457d7d7064beea9a0dcc0f5ed
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
ecc1d1ca2cdc1e069a4d5de159cd97618b4a501b31fc54549154c3248667f5c2
ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03
eee2d656be459793fb1890c61bfeb862722786549f6ef14ab87214f9f0677db1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d8d02f7a4a98f4d91c13536bbfdc41260477238ff0b31cd5baafa426ceb76e
f6a3e805d720c237dc55705834704def8e36de093fc25fa8c35e4f3fefeef5ab
f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2
fc9383cb3cbc196feb1abcf5238f5e62ccf947de7d97f5f4297c2104acca1548

skins.cash Open in urlscan Pro 45.60.242.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

97 %HTTPS

0 %IPv6

31 Domains

50 Subdomains

44 IPs

5 Countries

9099 kBTransfer

20182 kBSize

47 Cookies

6 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

skins.cash Open in urlscan Pro
45.60.242.147 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

97 %
HTTPS

0 %
IPv6

31
Domains

50
Subdomains

44
IPs

5
Countries

9099 kB
Transfer

20182 kB
Size

47
Cookies

188 HTTP transactions
12 data transactions