tiktok.free-prize.site
136.243.91.167 (Malicious Activity!)

Submitted URL: http://v.ht/cpiJD
Effective URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Submission: On July 17 via manual from IT — Scanned from IT

Summary

This website contacted 23 IPs in 2 countries across 13 domains to perform 48 HTTP transactions. The main IP is 136.243.91.167, located in Germany and belongs to HETZNER-AS, DE. The main domain is tiktok.free-prize.site.
TLS certificate: Issued by R3 (the Let's Encrypt intermediate) on June 15th 2023. Valid for: 3 months.
This is the only time tiktok.free-prize.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  IP Address  AS (Autonomous System)
1 2 69.61.26.123 141518 (SUBHOST-A...)
1 142.250.185.194 15169 (GOOGLE)
3 142.250.181.232 15169 (GOOGLE)
4 142.250.185.206 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
3 142.250.181.226 15169 (GOOGLE)
1 142.250.186.161 15169 (GOOGLE)
1 136.243.91.167 24940 (HETZNER-AS)
3 172.217.18.2 15169 (GOOGLE)
3 142.250.184.225 15169 (GOOGLE)
1 142.250.184.228 15169 (GOOGLE)
1 151.101.130.217 54113 (FASTLY)
3 142.250.186.42 15169 (GOOGLE)
9 18.173.184.26 16509 (AMAZON-02)
1 172.217.18.10 15169 (GOOGLE)
1 143.204.101.211 16509 (AMAZON-02)
1 172.217.23.110 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
4 108.138.34.181 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 142.250.186.131 15169 (GOOGLE)
1 142.250.185.106 15169 (GOOGLE)
Total (as reported): 48 requests, 23 IPs
Requests  Apex domain  Transfer  (subdomains listed under each row, with the Cisco Umbrella rank where the report shows one)
14  cloudfront.net  1000 KB
    d266key948fg17.cloudfront.net
    d15skjf5hy9xr6.cloudfront.net
    d2u5m3g6vn5zro.cloudfront.net
7  googlesyndication.com  41 KB
    26d35abcfac1a2c515593ec1ff347fad.safeframe.googlesyndication.com
    pagead2.googlesyndication.com (Cisco Umbrella Rank: 135)
    tpc.googlesyndication.com (Cisco Umbrella Rank: 160)
5  googleapis.com  108 KB
    fonts.googleapis.com (Cisco Umbrella Rank: 88)
    ajax.googleapis.com (Cisco Umbrella Rank: 433)
    translate.googleapis.com (Cisco Umbrella Rank: 1310)
5  google-analytics.com  42 KB
    www.google-analytics.com (Cisco Umbrella Rank: 63)
    region1.google-analytics.com (Cisco Umbrella Rank: 1623)
3  doubleclick.net  126 KB
    securepubads.g.doubleclick.net (Cisco Umbrella Rank: 216)
3  googletagmanager.com  221 KB
    www.googletagmanager.com (Cisco Umbrella Rank: 79)
2  gstatic.com  16 KB
    fonts.gstatic.com
    www.gstatic.com
2  google.com  31 KB
    www.google.com (Cisco Umbrella Rank: 10)
    translate.google.com (Cisco Umbrella Rank: 1517)
2  v.ht  2 KB
    v.ht (Cisco Umbrella Rank: 826676)
1  sentry.io  574 B
    o425163.ingest.sentry.io (Cisco Umbrella Rank: 824763)
1  sentry-cdn.com  21 KB
    browser.sentry-cdn.com (Cisco Umbrella Rank: 4934)
1  free-prize.site  5 KB
    tiktok.free-prize.site
1  googletagservices.com  27 KB
    www.googletagservices.com (Cisco Umbrella Rank: 205)
Total (as reported): 48 requests, 13 apex domains
Requests  Domain  Requested by
9  d266key948fg17.cloudfront.net  tiktok.free-prize.site
4  d2u5m3g6vn5zro.cloudfront.net  d15skjf5hy9xr6.cloudfront.net
4  www.google-analytics.com  www.googletagmanager.com, www.google-analytics.com, tiktok.free-prize.site, browser.sentry-cdn.com
3  fonts.googleapis.com  tiktok.free-prize.site
3  tpc.googlesyndication.com  securepubads.g.doubleclick.net, tpc.googlesyndication.com
3  pagead2.googlesyndication.com  securepubads.g.doubleclick.net, tpc.googlesyndication.com
3  securepubads.g.doubleclick.net  www.googletagservices.com, securepubads.g.doubleclick.net
3  www.googletagmanager.com  v.ht, www.googletagmanager.com, www.google-analytics.com
2  v.ht  (1 redirect)
1  translate.googleapis.com  (none recorded)
1  www.gstatic.com  (none recorded)
1  o425163.ingest.sentry.io  browser.sentry-cdn.com
1  fonts.gstatic.com  fonts.googleapis.com
1  translate.google.com  tiktok.free-prize.site
1  d15skjf5hy9xr6.cloudfront.net  tiktok.free-prize.site
1  ajax.googleapis.com  tiktok.free-prize.site
1  browser.sentry-cdn.com  tiktok.free-prize.site
1  www.google.com  tpc.googlesyndication.com
1  tiktok.free-prize.site  v.ht
1  26d35abcfac1a2c515593ec1ff347fad.safeframe.googlesyndication.com  securepubads.g.doubleclick.net
1  region1.google-analytics.com  www.googletagmanager.com
1  www.googletagservices.com  v.ht
Total (as reported): 48 requests, 22 subdomains
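The "Requested by" column is what separates the shortener's own tags from the scam page's. Read against the transaction details further down: the Google Tag Manager/gtag loads (UA-31510493-3, G-8TV54DGHNR) and the GPT ad tag (ad unit 5837603/Vht_360 in the gampad request) are requested by the v.ht interstitial, while Sentry (org o425163, SDK 6.4.1 from browser.sentry-cdn.com) and the three CloudFront distributions are requested by tiktok.free-prize.site. Those identifiers outlive a domain or hosting change, so they are the values to pivot on when hunting for sibling landing pages. The script below is an added example, not part of the urlscan report: it attributes each third-party host to the document that (transitively) pulled it in and extracts those pivot identifiers. The SCAN_REQUESTS sample is constructed from the table above; the bare-host entries and trimmed query strings are assumptions where the report does not show a full URL.

```python
import re
from urllib.parse import parse_qs, urlparse

# Constructed sample built from the "Requested by" column above. Each tuple is
# (requested URL, hostname of the resource that requested it; None for the first
# document). Where the report shows only a hostname the URL is reduced to the
# bare host, and long beacon query strings are trimmed to the parameters used
# here; both are assumptions, not claims about the real paths.
SCAN_REQUESTS = [
    ("https://v.ht/cpiJD", None),
    ("https://www.googletagservices.com/tag/js/gpt.js", "v.ht"),
    ("https://www.googletagmanager.com/gtag/js?id=UA-31510493-3", "v.ht"),
    ("https://www.googletagmanager.com/gtag/js?id=G-8TV54DGHNR&l=dataLayer&cx=c",
     "www.googletagmanager.com"),
    ("https://www.google-analytics.com/analytics.js", "www.googletagmanager.com"),
    ("https://region1.google-analytics.com/g/collect?v=2&tid=G-8TV54DGHNR&en=page_view",
     "www.googletagmanager.com"),
    ("https://www.google-analytics.com/j/collect?v=1&t=pageview&tid=UA-31510493-3",
     "www.google-analytics.com"),
    ("https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js",
     "www.googletagservices.com"),
    ("https://securepubads.g.doubleclick.net/gampad/ads?iu_parts=5837603%2CVht_360&output=ldjh",
     "securepubads.g.doubleclick.net"),
    ("https://tiktok.free-prize.site/ab7458e?s1=SRUTU", "v.ht"),
    ("https://browser.sentry-cdn.com/6.4.1/bundle.min.js", "tiktok.free-prize.site"),
    ("https://o425163.ingest.sentry.io/", "browser.sentry-cdn.com"),
    ("https://d266key948fg17.cloudfront.net/", "tiktok.free-prize.site"),
    ("https://d15skjf5hy9xr6.cloudfront.net/", "tiktok.free-prize.site"),
    ("https://d2u5m3g6vn5zro.cloudfront.net/", "d15skjf5hy9xr6.cloudfront.net"),
    ("https://ajax.googleapis.com/", "tiktok.free-prize.site"),
    ("https://translate.google.com/", "tiktok.free-prize.site"),
]

# The two documents (navigations) in the scan; everything else is attributed to one of them.
DOCUMENT_HOSTS = {"v.ht", "tiktok.free-prize.site"}

GA_ID = re.compile(r"UA-\d+-\d+|G-[A-Z0-9]{6,}")
SENTRY_ORG = re.compile(r"^(o\d+)\.ingest\.sentry\.io$")
SENTRY_SDK = re.compile(r"^/(\d+\.\d+\.\d+)/bundle(?:\.tracing)?(?:\.min)?\.js$")
CLOUDFRONT_DIST = re.compile(r"^(d[a-z0-9]{13})\.cloudfront\.net$")


def extract_pivots(requests):
    """Collect identifiers that survive a change of domain or hosting IP."""
    pivots = {"ga_ids": set(), "sentry_orgs": set(), "sentry_sdk_versions": set(),
              "cloudfront_dists": set(), "ad_units": set()}
    for url, _ in requests:
        u = urlparse(url)
        host = u.hostname or ""
        query = parse_qs(u.query)
        # The gtag loader uses ?id=, the GA collect beacons use &tid=.
        for value in query.get("id", []) + query.get("tid", []):
            if GA_ID.fullmatch(value):
                pivots["ga_ids"].add(value)
        # GPT ad request: iu_parts carries the publisher's ad unit path.
        for value in query.get("iu_parts", []):
            pivots["ad_units"].add("/".join(value.split(",")))
        if m := SENTRY_ORG.match(host):
            pivots["sentry_orgs"].add(m.group(1))
        if host == "browser.sentry-cdn.com" and (m := SENTRY_SDK.match(u.path)):
            pivots["sentry_sdk_versions"].add(m.group(1))
        if m := CLOUDFRONT_DIST.match(host):
            pivots["cloudfront_dists"].add(m.group(1))
    return pivots


def attribute_to_document(requests, document_hosts=DOCUMENT_HOSTS):
    """Map each third-party host to the document whose code (transitively) loaded it.

    The first recorded requester of a host wins; later sub-requests made by the
    host itself would otherwise create self-loops.
    """
    parent = {}
    for url, requester in requests:
        parent.setdefault(urlparse(url).hostname, requester)
    attribution = {}
    for url, requester in requests:
        host = urlparse(url).hostname
        if host in document_hosts:
            continue
        current, seen = requester, set()
        while current is not None and current not in document_hosts and current not in seen:
            seen.add(current)
            current = parent.get(current)
        attribution.setdefault(current, set()).add(host)
    return attribution


if __name__ == "__main__":
    for name, values in sorted(extract_pivots(SCAN_REQUESTS).items()):
        print(f"{name}: {sorted(values)}")
    for doc, hosts in attribute_to_document(SCAN_REQUESTS).items():
        print(f"{doc} loaded: {sorted(hosts)}")
```

The extracted GA IDs, Sentry org and CloudFront distribution IDs are what to search for in other urlscan results and in crt.sh, rather than the apex domain, which a campaign rotates cheaply. The first-requester-wins rule is a simplification of the per-request initiator data urlscan actually records; it is enough to separate the two documents here, but a real export would carry the initiator for every request.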

This site contains no links.

Subject  Issuer  Validity  Valid for  (source: crt.sh)
www.v.ht  R3  2023-07-01 to 2023-09-29  3 months
*.g.doubleclick.net  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
*.google-analytics.com  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
www.tiktok.free-prize.site  R3  2023-06-15 to 2023-09-13  3 months
tpc.googlesyndication.com  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
www.google.com  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
*.sentry-cdn.com  GlobalSign Atlas R3 DV TLS CA 2022 Q3  2022-09-28 to 2023-10-30  a year
upload.video.google.com  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
*.cloudfront.net  Amazon RSA 2048 M01  2022-12-08 to 2023-12-07  a year
*.google.com  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
*.gstatic.com  GTS CA 1C3  2023-06-19 to 2023-09-11  3 months
ingest.sentry.io  DigiCert TLS RSA SHA256 2020 CA1  2022-07-28 to 2023-08-28  a year

This page contains 4 frames:

Primary Page: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Frame ID: 2E4581FC95D70637E9917B80F14874AA
Requests: 42 HTTP requests in this frame

Frame: https://26d35abcfac1a2c515593ec1ff347fad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6AEDD0719E28150F65852BCB279E58C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4ECF6BC3F44681A158F96A3C2098DD8E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9994C4CF67E19F257BD5E15203160221
Requests: 2 HTTP requests in this frame

Page Title

FREE GIFT CARDS | Free Gift Cards Code Generator 2023 | Gift Cards Giveaway

Page URL History (HTTP redirects and client-side redirects via JavaScript or meta refresh)

  1. http://v.ht/cpiJD HTTP 301
    https://v.ht/cpiJD Page URL
  2. https://tiktok.free-prize.site/ab7458e?s1=SRUTU Page URL

Detected technologies

(The technology names did not survive extraction; each name below is inferred from the detection pattern listed with it.)

Sentry (inferred)
Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Publisher Tag (inferred)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (inferred)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Google Analytics (inferred)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (inferred)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (inferred)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

jQuery (inferred)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 48
HTTPS: 96 %
IPv6: 0 %
Domains: 13
Subdomains: 22
IPs: 23
Countries: 2
Transfer: 1641 kB
Size: 2813 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://v.ht/cpiJD HTTP 301
  • https://v.ht/cpiJD
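Request Chain 0 only covers the HTTP-level hop (the 301 from http to https on v.ht). The move from https://v.ht/cpiJD to tiktok.free-prize.site appears in the Page URL History but not in this chain, so it was a client-side navigation rather than a Location header. The script below is an added example, not part of the report: it walks a chain the same way, following 3xx Location headers first and then looking for a static meta refresh or a literal `location` assignment in the body, without executing any JavaScript. The fetcher and its responses are constructed; the meta-refresh on the v.ht page is an assumption, since the scan shows that the navigation happened but not the mechanism behind it.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin

# Constructed responses standing in for the network, keyed by URL:
# (status, headers, body). The 301 hop is the one the scan recorded; the
# meta-refresh body on https://v.ht/cpiJD is an ASSUMPTION about the mechanism.
FAKE_RESPONSES = {
    "http://v.ht/cpiJD": (301, {"Location": "https://v.ht/cpiJD"}, ""),
    "https://v.ht/cpiJD": (
        200,
        {"Content-Type": "text/html; Charset=UTF-8"},
        '<html><head><meta http-equiv="refresh" '
        'content="5; url=https://tiktok.free-prize.site/ab7458e?s1=SRUTU">'
        "</head><body>Redirecting...</body></html>",
    ),
    "https://tiktok.free-prize.site/ab7458e?s1=SRUTU": (
        200,
        {"Content-Type": "text/html; charset=UTF-8"},
        "<html><head><title>FREE GIFT CARDS</title></head><body></body></html>",
    ),
}


def fake_fetch(url):
    """Stand-in for an HTTP client that does NOT follow redirects on its own."""
    return FAKE_RESPONSES[url]


class RedirectSniffer(HTMLParser):
    """Collects <meta http-equiv="refresh"> targets; nothing is executed."""

    def __init__(self):
        super().__init__()
        self.meta_targets = []

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}
        if a.get("http-equiv", "").lower() == "refresh":
            m = re.search(r"url\s*=\s*['\"]?([^'\";]+)", a.get("content", ""), re.I)
            if m:
                self.meta_targets.append(m.group(1).strip())


# Literal, unobfuscated JavaScript navigations. Anything computed at runtime
# will not match; that is the limit of static sniffing.
JS_REDIRECTS = [
    re.compile(r"""location(?:\.href)?\s*=\s*["']([^"']+)["']"""),
    re.compile(r"""location\.(?:replace|assign)\(\s*["']([^"']+)["']"""),
]


def find_client_redirect(body):
    """Return (target, kind) for the first static client-side redirect, or None."""
    sniffer = RedirectSniffer()
    sniffer.feed(body)
    if sniffer.meta_targets:
        return sniffer.meta_targets[0], "meta refresh"
    for pattern in JS_REDIRECTS:
        m = pattern.search(body)
        if m:
            return m.group(1), "js location"
    return None


def resolve_chain(start_url, fetch=fake_fetch, max_hops=10):
    """Walk HTTP 3xx Location hops and static client-side redirects.

    Returns a list of (url, how) tuples, stopping at a page with no further
    redirect, at max_hops, or when a URL repeats (redirect loop).
    """
    chain = [(start_url, "start")]
    seen = {start_url}
    url = start_url
    for _ in range(max_hops):
        status, headers, body = fetch(url)
        headers = {k.lower(): v for k, v in headers.items()}
        nxt = how = None
        if 300 <= status < 400 and "location" in headers:
            nxt, how = urljoin(url, headers["location"]), f"http {status}"
        elif "text/html" in headers.get("content-type", "").lower():
            found = find_client_redirect(body)
            if found:
                nxt, how = urljoin(url, found[0]), found[1]
        if nxt is None:
            break
        if nxt in seen:
            chain.append((nxt, "loop"))
            break
        seen.add(nxt)
        chain.append((nxt, how))
        url = nxt
    return chain


if __name__ == "__main__":
    for hop_url, how in resolve_chain("http://v.ht/cpiJD"):
        print(f"{how:>12}  {hop_url}")
```

Static sniffing only finds literal targets; a shortener that builds the destination in obfuscated or conditional JavaScript needs a sandboxed browser, which is what urlscan's own capture provides. When pointing a resolver like this at live infrastructure, use a disposable egress and a plain client identity, and never replay a victim's cookies or Referer: the shortener's page here already sets an analytics beacon and an ad request on every visit.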

48 HTTP transactions

Columns per entry: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by the General, Security Headers, Request headers and Response headers detail.
cpiJD
v.ht/
Redirect Chain
  • http://v.ht/cpiJD
  • https://v.ht/cpiJD
3 KB
2 KB
Document
General
Full URL
https://v.ht/cpiJD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software
Hotcores.com /
Resource Hash
b73ed7e2052b37100db47ea237a0cec11114299bf9bf4d6dd832e25c4be97434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Date
Mon, 17 Jul 2023 08:06:17 GMT
I-AM
Gamma
Pragma
no-cache
Server
Hotcores.com
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 17 Jul 2023 08:06:16 GMT
Location
https://v.ht/cpiJD
Server
Hotcores.com
gpt.js
www.googletagservices.com/tag/js/
81 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: v.ht
URL: https://v.ht/cpiJD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
86d77bae02b4f65dad24e1a34a66911e8c4a0c41b85a96633f4af100db91fca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27637
x-xss-protection
0
server
cafe
etag
203 / 19555 / m202307100101 / config-hash: 3977741291496309648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 08:12:58 GMT
js
www.googletagmanager.com/gtag/
177 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Requested by
Host: v.ht
URL: https://v.ht/cpiJD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c587c8f02e13af26902b467b5db7476f78457f3dd07cdcb8e4882829f57aa70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65769
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 08:12:58 GMT
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8TV54DGHNR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4a43b29aa34459b16dc8f6976257fb6ec71a98c133a85128d724544d6d892d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77809
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 08:12:58 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Jul 2023 06:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5860
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 17 Jul 2023 08:35:19 GMT
collect
region1.google-analytics.com/g/
0
246 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8TV54DGHNR&gtm=45je37c0&_p=1662523786&cid=1262248977.1689581579&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689581578&sct=1&seg=0&dl=https%3A%2F%2Fv.ht%2FcpiJD&dt=cpiJD&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TV54DGHNR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 08:12:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/
391 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 16:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
58192
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127471
x-xss-protection
0
server
cafe
etag
16392902606907886609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 15 Jul 2024 16:03:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
26 B
572 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
19dc99a8224767e303208b156949a2c7b99e67dbe02ef9aa078fecaa28d3616e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
expires
Mon, 17 Jul 2023 08:12:59 GMT
collect
www.google-analytics.com/j/
1 B
198 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1662523786&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FcpiJD&ul=en-us&de=UTF-8&dt=cpiJD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=500213517&gjid=198089858&cid=1262248977.1689581579&tid=UA-31510493-3&_gid=1406929045.1689581579&_r=1&gtm=457e37c0&jsscut=1&z=439034371
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 08:12:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
654 B
688 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2212327032135777&correlator=2473872536763029&eid=31074949%2C31075149%2C31075341&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fif&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=495576698&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1689581579250&lmt=1689581579&dlt=1689581578701&idt=525&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fv.ht%2FcpiJD&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1262248977.1689581579&ga_sid=1689581579&ga_hid=1662523786&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e7009cd3b552da0fd01aa8249e5a67c0037e196ebc17fa618470e3dde86abb88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v.ht
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
26d35abcfac1a2c515593ec1ff347fad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6AED
6 KB
3 KB
Document
General
Full URL
https://26d35abcfac1a2c515593ec1ff347fad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 08:12:59 GMT
expires
Tue, 16 Jul 2024 08:12:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Primary Request ab7458e
tiktok.free-prize.site/
22 KB
5 KB
Document
General
Full URL
https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Requested by
Host: v.ht
URL: https://v.ht/cpiJD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.91.167 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nino.kawaiihost.net
Software
LiteSpeed /
Resource Hash
0952d14abd1c8c2f5613c9849c503073f08873feb989177055c58d080727fa25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=2592000
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 17 Jul 2023 08:13:00 GMT
expires
Wed, 16 Aug 2023 08:13:00 GMT
server
LiteSpeed
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11935
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jul 2023 08:12:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4ECF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
36628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 22:02:31 GMT
expires
Mon, 15 Jul 2024 22:02:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9994
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mkt5uGy_LcITcIS6QDORig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-mkt5uGy_LcITcIS6QDORig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 08:12:59 GMT
expires
Mon, 17 Jul 2023 08:12:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 4ECF
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 15:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
59004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 15:49:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9994
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307100101&jk=2212327032135777&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 4ECF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-wbEdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:12:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.google-analytics.com/g/
0
0

bundle.min.js
browser.sentry-cdn.com/6.4.1/
66 KB
21 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://tiktok.free-prize.site
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:13:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 19 May 2021 16:36:38 GMT
server
Fastly
age
12674786
etag
"42639cce5db857005b8285dedd67553d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20972
expires
Tue, 20 Feb 2024 15:26:33 GMT
css2
fonts.googleapis.com/
2 KB
971 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play&display=swap
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
21bd412e6f0194e40a95dfd691aa92118cd91b5b7376bbcbce67a1eeda772872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jul 2023 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 07:47:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jul 2023 08:13:00 GMT
css2
fonts.googleapis.com/
792 B
468 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Titan+One&display=swap
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
06a6fea416f7f8b332ff2704ca4c953e4b52aba4891b8242c56960adecffb982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jul 2023 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 07:51:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jul 2023 08:13:00 GMT
css2
fonts.googleapis.com/
2 KB
616 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lalezar&display=swap
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
51aad182cb1ca119a63a117975dafb10990dd2c8a4e5b4dd2e14035d11d7205a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jul 2023 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 07:38:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jul 2023 08:13:00 GMT
1683821243986ab5b36ea6e24ab27279df4b40f880.png
d266key948fg17.cloudfront.net/uploads/
112 KB
113 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1683821243986ab5b36ea6e24ab27279df4b40f880.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdc3cd4b757def8ea8afc8a977e8644cd1880e2a2a0560ededf01accebd8d45c

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
IxO2deYMxA8vbjAkNsMg21GSCHiOgyaM
date
Mon, 17 Jul 2023 07:59:04 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 16:07:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
837
x-amz-server-side-encryption
AES256
etag
"e2215117b437c1e66f63db7a41820e0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
114697
x-amz-cf-id
SNGTTGVI9PiKbmGFwqb1DCuwVGnGei_bdfZVEI6hmidr28BVgDWNxw==
1683818158326dd135573221c39f5dd471fe046b40.png
d266key948fg17.cloudfront.net/uploads/
89 KB
90 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1683818158326dd135573221c39f5dd471fe046b40.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee5332b09302eb2cdad9ada0af01a360e0125f0059d90854bf82681d115b0d87

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ZnnAPFN7nAgxUXnk2gY2JazLwPsLhqwM
date
Mon, 17 Jul 2023 07:59:04 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 15:16:00 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
837
x-amz-server-side-encryption
AES256
etag
"4ca73bd795f3946d63b2cd5a5230bf0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
91444
x-amz-cf-id
gncVYtaitb2hJ0nOkLPtDnXkfcb8fThneTwz1wmB2twaX1EUfXoEOA==
1683818157b7c421e3474c5e6943e2c52f41f8739e.png
d266key948fg17.cloudfront.net/uploads/
149 KB
150 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1683818157b7c421e3474c5e6943e2c52f41f8739e.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4e8f95800a9a33db697ed39502888fd2d8a1a28b0434baed08683aa80080fe0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
OTcVaOwJF2nrUkLQyPHanhzX35Mbe2zU
date
Mon, 17 Jul 2023 07:59:04 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 15:15:58 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
836
x-amz-server-side-encryption
AES256
etag
"36fbde68463b8a72b7780206ddeafb60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
152953
x-amz-cf-id
Lb0ZCHoJojRTsjjkvCugIOOnUcO0KdoAtq_QP23fB9-s6hU3WIKILw==
1683818156b55eae7cbde685cba10d58b1a4e8400b.png
d266key948fg17.cloudfront.net/uploads/
100 KB
101 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1683818156b55eae7cbde685cba10d58b1a4e8400b.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c04476957d3c87531160ea753add6d1e26463ca4a0adbbf847cc352dd4bd526a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
VttdHtKufCmHfdvssEfRVVqo2drPYW4e
date
Mon, 17 Jul 2023 07:59:05 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 15:15:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
836
x-amz-server-side-encryption
AES256
etag
"beb50e6e8da40914d037be7717204290"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
102457
x-amz-cf-id
sVG40QAE7ZtSEpMe3Ie8GRHBxKYR92Smdrs4d9KDbcO8IrZ6je-JbA==
16838181561f899016077b1127bd8aa53ae2e150b7.png
d266key948fg17.cloudfront.net/uploads/
87 KB
88 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16838181561f899016077b1127bd8aa53ae2e150b7.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8f5cfb329d5cebf8e15bcc39726782faf3529218d5ac9c2e59c4257f3d688e3

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
0g0rEqSpKVIlRj7nQebScM2VjaYUEoW6
date
Mon, 17 Jul 2023 08:13:00 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 15:15:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
836
x-amz-server-side-encryption
AES256
etag
"610de42e8cc91fdc01ddd165621bc5a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
89453
x-amz-cf-id
go2i4-kPJGP4FhVL4JWxeoa9F5Qm93APARxiDNzKebFp0E9S_xjrBQ==
1684155310267998e7a5b757480d3198e78c91f42f.png
d266key948fg17.cloudfront.net/uploads/
223 KB
224 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/1684155310267998e7a5b757480d3198e78c91f42f.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f8ce3bd180be68bea6481d08bf538b641dfc1a36c90f242ec60b75aa8b623a4

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
E_5xU3kq7xSbtr6RSJimDIWeSEKhbYrA
date
Mon, 17 Jul 2023 08:13:00 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 12:55:12 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
836
x-amz-server-side-encryption
AES256
etag
"069bc1daf05209d8bc4df367c06dca31"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
228432
x-amz-cf-id
Q_bCPgdkE4DFyviHuWg_m8E2Va6CBXCT1zMLT_mBYgugGGh1QRc8mA==
16838181594d232e02c591ec614299a15f7b99c92a.png
d266key948fg17.cloudfront.net/uploads/
93 KB
94 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16838181594d232e02c591ec614299a15f7b99c92a.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c69f8fb5376f976af9686387c7c66bad5244cb6a5880b6eeacfb021cbf5e454

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
iklsq8Ltt6y8rpKvGlAKqeLeZPTn2nGN
date
Mon, 17 Jul 2023 08:13:00 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 15:16:00 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
836
x-amz-server-side-encryption
AES256
etag
"10bfbc26174585324afa30992480fb42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95386
x-amz-cf-id
YmZunHBg-otN6qpH4IZVjxQFMdBYGmLlMxa4Z0Vr0acTADjmEMdjpQ==
168381816130f90fe19776ba9afa4bf6ab85ea8725.png
d266key948fg17.cloudfront.net/uploads/
88 KB
88 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/168381816130f90fe19776ba9afa4bf6ab85ea8725.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffadd3e47e2e383a4e25db3b2fd2fdbd56639347ee4e0b1818d24b6925ea8348

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
yT6MmfLBIOPxlFcuq7DmFuf3NeXYYjCe
date
Mon, 17 Jul 2023 07:59:05 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Thu, 11 May 2023 15:16:02 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
836
x-amz-server-side-encryption
AES256
etag
"f30da598df0b9ea83988ef4eee35fdf0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
89638
x-amz-cf-id
gRAmJlxUclakx7Pkqyp0YszVRfAQnK5kVtX4drqPw1R8x-Auo9e9EA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 15:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jul 2024 15:17:04 GMT
fe8c21f.js
d15skjf5hy9xr6.cloudfront.net/
24 KB
7 KB
Script
General
Full URL
https://d15skjf5hy9xr6.cloudfront.net/fe8c21f.js
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-211.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cbce275a31a0b2113cb9469ddb1fe41b820be2ba9eb221f618d4cf92c0cafd4

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 07:50:40 GMT
content-encoding
br
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2023 13:23:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1375
etag
W/"07ace30cbd77eb9d6e74843abfd10980"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
dWBJB6nUtH95THZhg49BQj7OTX7_PivFaz04BorITUk2dIO7wdrlAA==
element.js
translate.google.com/translate_a/
86 KB
30 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f110.1e100.net
Software
ESF /
Resource Hash
cdedd87d74e58c710f701dbad59ce587308197dd8b0d1384ad8b358a0bf99d1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Jul 2023 06:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5861
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 17 Jul 2023 08:35:19 GMT
16456066916a38f76ae3e8e9726290ecaff38046f2.png
d266key948fg17.cloudfront.net/uploads/
19 KB
20 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16456066916a38f76ae3e8e9726290ecaff38046f2.png
Requested by
Host: tiktok.free-prize.site
URL: https://tiktok.free-prize.site/ab7458e?s1=SRUTU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.184.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-184-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e90f3ef231d9b8c0871201da1135b8b1c156a9fdaac624ab368695f1276a0b9c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tiktok.free-prize.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
feXPtQKsqBjA.yJS7XuZz0bIQAGPBMH3
date
Mon, 17 Jul 2023 08:12:50 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:58:13 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
1772
etag
"6964ff24ad45b4c30c15081c6147ab08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
19705
x-amz-cf-id
1siga2lbyYctyWY-tgu_zhNofjn8K3i8AR1sh0zIJGyQNnitIlmPQQ==
mFTzWbsGxbbS_J5cQcjClDgm.woff2
fonts.gstatic.com/s/titanone/v13/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titanone/v13/mFTzWbsGxbbS_J5cQcjClDgm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titan+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2f15f138af309ad659b62246999cccc2da21759ec8619d7e6ea759e8eb5a7a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tiktok.free-prize.site
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 15:02:58 GMT
x-content-type-options
nosniff
age
148202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:40:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 15:02:58 GMT
html.3999691.aa923.0.js
d2u5m3g6vn5zro.cloudfront.net/public/external/v2/
19 KB
19 KB
Script
General
Full URL
https://d2u5m3g6vn5zro.cloudfront.net/public/external/v2/html.3999691.aa923.0.js
Requested by
Host: d15skjf5hy9xr6.cloudfront.net
URL: https://d15skjf5hy9xr6.cloudfront.net/fe8c21f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-181.muc50.r.cloudfront.net
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
4a4329ebbfcc81604327a8c6d8928f406baab404537cbe040ea0fcc7350bff97

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:13:00 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MUC50-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
3URKMdBx0z6X1R3xPvcSVnSXNU_EGCt0M49kbzq09W7et6d-2kWcLw==
css_front.css
d2u5m3g6vn5zro.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://d2u5m3g6vn5zro.cloudfront.net/public/external/css_front.css
Requested by
Host: d15skjf5hy9xr6.cloudfront.net
URL: https://d15skjf5hy9xr6.cloudfront.net/fe8c21f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-181.muc50.r.cloudfront.net
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:13:00 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MUC50-P2
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
JEuqeVADyYgwxVi7A4UQEKSbwtY814tstN8ZqfHJsfDNKTRBINCzlw==
/
o425163.ingest.sentry.io/api/5780930/store/
198 B
574 B
Fetch
General
Full URL
https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tiktok.free-prize.site/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Jul 2023 08:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
14:default;error;security;attachment:organization:error_usage_exceeded
retry-after
14
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/
25 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.it.IiP90tsRF6Q.O/d=1/rs=AN8SPfp47ZEMwTsU0CYE2LI39RkgQQyzyw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 10:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4396
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 10:19:19 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.it.IiP90tsRF6Q.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp47ZEMwTsU0CYE2LI39RkgQQyzyw/
215 KB
76 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.it.IiP90tsRF6Q.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp47ZEMwTsU0CYE2LI39RkgQQyzyw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.it.IiP90tsRF6Q.O/d=1/rs=AN8SPfp47ZEMwTsU0CYE2LI39RkgQQyzyw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
sffe /
Resource Hash
191d55290e3f695a2964ca8b7d5462a3a7fded17dbffa4e70363397aa55d9639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77481
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 03:09:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 18:37:00 GMT
collect
www.google-analytics.com/j/
15 B
35 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2096928410&t=pageView&_s=1&dl=https%3A%2F%2Ftiktok.free-prize.site%2Fab7458e%3Fs1%3DSRUTU&dr=https%3A%2F%2Fv.ht%2F&ul=en-us&de=UTF-8&dt=FREE%20GIFT%20CARDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=2105914796&gjid=1909889504&cid=1748232990.1689581581&tid=UA-85922709-2&_gid=1503022999.1689581581&_r=1&_slc=1&cd1=0&z=447910464
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 08:13:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tiktok.free-prize.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
229 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EL9WPX8S0Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fb491df9401645e285ebd43fc9219ccec56a5b35830f6fd411217e9df9dbe3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:13:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81882
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 08:13:00 GMT
css.css
d2u5m3g6vn5zro.cloudfront.net/public/clockers/CustomButton/
1010 B
1 KB
Stylesheet
General
Full URL
https://d2u5m3g6vn5zro.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d15skjf5hy9xr6.cloudfront.net
URL: https://d15skjf5hy9xr6.cloudfront.net/fe8c21f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-181.muc50.r.cloudfront.net
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:13:01 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MUC50-P2
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
nl5mgWLf508NarOP8n1h4SuczeSIQBp8IsI2hlThVWoYNGM1VWwaEg==
guid
d2u5m3g6vn5zro.cloudfront.net/public/
0
278 B
Script
General
Full URL
https://d2u5m3g6vn5zro.cloudfront.net/public/guid?cpguid=8d2fcfxf4&s1=SRUTU&e=ll&t=1689581581531
Requested by
Host: d15skjf5hy9xr6.cloudfront.net
URL: https://d15skjf5hy9xr6.cloudfront.net/fe8c21f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-181.muc50.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:13:01 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MUC50-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
w7WYDyPgLPrRv4yTPol8j9s40edTFPRHMP8rM9UeQAiwRfHXB5yApA==
check.php
d2u5m3g6vn5zro.cloudfront.net/public/external/
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8TV54DGHNR&gtm=45je37c0&_p=1662523786&cid=1262248977.1689581579&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1689581578&sct=1&seg=0&dl=https%3A%2F%2Fv.ht%2FcpiJD&dt=cpiJD&en=user_engagement&_et=1085
Domain
d2u5m3g6vn5zro.cloudfront.net
URL
https://d2u5m3g6vn5zro.cloudfront.net/public/external/check.php?it=3999691&time=1689581583158

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| Sentry
object| __SENTRY__
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
function| $
function| jQuery
object| CPABUILDSETTINGS
string| forward
object| CPABUILDContentLocker
number| __cfRLUnblockHandlers
function| CPBContentLocker
function| CPABuildLock
function| CPABuildGetFeedURL
function| CPABuildGetIframeURL
function| CPABuildGetIframeHTML
function| CPABuildUnlock
function| CPABuildOfferComplete
function| CPABuildOffersComplete
function| CPABuildCheckForLead
function| og_load
function| CPABuildComplete
function| call_locker
function| _DumpException
object| default_tr
string| MSG_TRANSLATE
string| MSG_CANCEL
string| MSG_CLOSE
function| MSGFUNC_PAGE_TRANSLATED_TO
function| MSGFUNC_TRANSLATED_TO
string| MSG_GENERAL_ERROR
string| MSG_LEARN_MORE
function| MSGFUNC_POWERED_BY
string| MSG_TRANSLATE_PRODUCT_NAME
string| MSG_TRANSLATION_IN_PROGRESS
function| MSGFUNC_TRANSLATE_PAGE_TO
function| MSGFUNC_VIEW_PAGE_IN
string| MSG_RESTORE
string| MSG_SSL_INFO_LOCAL_FILE
string| MSG_SSL_INFO_SECURE_PAGE
string| MSG_SSL_INFO_INTRANET_PAGE
string| MSG_SELECT_LANGUAGE
function| MSGFUNC_TURN_OFF_TRANSLATION
function| MSGFUNC_TURN_OFF_FOR
string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER
string| MSG_ORIGINAL_TEXT
string| MSG_FILL_SUGGESTION
string| MSG_SUBMIT_SUGGESTION
string| MSG_SHOW_TRANSLATE_ALL
string| MSG_SHOW_RESTORE_ALL
string| MSG_SHOW_CANCEL_ALL
string| MSG_TRANSLATE_TO_MY_LANGUAGE
function| MSGFUNC_TRANSLATE_EVERYTHING_TO
string| MSG_SHOW_ORIGINAL_LANGUAGES
string| MSG_OPTIONS
string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE
string| MSG_ALT_SUGGESTION
string| MSG_ALT_ACTIVITY_HELPER_TEXT
string| MSG_USE_ALTERNATIVES
string| MSG_DRAG_TIP
string| MSG_CLICK_FOR_ALT
string| MSG_DRAG_INSTUCTIONS
string| MSG_SUGGESTION_SUBMITTED
string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE
string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT
string| MSG_ORIGINAL_TEXT_NO_COLON
string| MSG_LANGUAGE_UNSUPPORTED
string| MSG_LANGUAGE_TRANSLATE_WIDGET
string| MSG_RATE_THIS_TRANSLATION
string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT
string| MSG_FEEDBACK_SATISFIED_LABEL
string| MSG_FEEDBACK_DISSATISFIED_LABEL
string| MSG_TRANSLATION_NO_COLON
function| _exportVersion
function| _getCallbackFunction
function| _exportMessages
function| _loadJs
function| _loadCss
function| _isNS
function| _setupNS
object| google
number| myVar2
function| UserTimer
string| date
function| card
function| bntnext
object| gaGlobal
object| gaData
object| dataLayer
object| google_tag_manager
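The global-variable list is the quickest way to tell which of the 95 names are third-party framework noise (Google Translate widget, GA/GTM, Sentry, jQuery) and which belong to the page's own content-locker code. The following is an added Python example, not urlscan's code or anything shipped by the page, that parses the flattened "type| name" form the page renders and buckets the names by family. The excerpt used as input is copied from the list above; the family rules are the editor's own heuristics, and the "browser native" bucket (window properties newer than urlscan's baseline) and the Cloudflare Rocket Loader attribution are assumptions.

```python
"""Parse the flattened "type| name" global-variable list that urlscan.io renders
and bucket the names by the client-side framework they most likely belong to."""
import re
from collections import OrderedDict

# Constructed sample input: an excerpt of the 95-entry list above, in the same
# flattened "type| name type| name ..." form the page renders it in.
GLOBALS_TEXT = (
    "object| 0 boolean| credentialless object| Sentry object| __SENTRY__ "
    "string| GoogleAnalyticsObject function| ga function| $ function| jQuery "
    "object| CPABUILDSETTINGS string| forward object| CPABUILDContentLocker "
    "number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock "
    "function| CPABuildCheckForLead function| og_load function| call_locker "
    "object| default_tr string| MSG_TRANSLATE function| MSGFUNC_POWERED_BY "
    "function| _loadJs object| google number| myVar2 function| UserTimer "
    "function| bntnext object| dataLayer object| google_tag_manager"
)

JS_TYPES = "object|boolean|string|number|function|undefined|symbol|bigint"
TOKEN_RE = re.compile(r"\b(%s)\|\s*(\S+)" % JS_TYPES)


def parse_globals(text):
    """Split the flattened list into (type, name) pairs, preserving page order."""
    return TOKEN_RE.findall(text)


# Attribution heuristics (the editor's own, not urlscan's). Each rule is a
# family name and a predicate on the variable name; first match wins.
TRANSLATE_HELPERS = {"default_tr", "_exportVersion", "_getCallbackFunction",
                     "_exportMessages", "_loadJs", "_loadCss", "_isNS", "_setupNS"}
GA_NAMES = {"GoogleAnalyticsObject", "ga", "gaplugins", "gaGlobal", "gaData",
            "google_tag_data", "google_tag_manager", "dataLayer"}
# Assumption: Chrome 114 window properties that post-date urlscan's baseline.
BROWSER_NATIVE = {"credentialless", "onbeforetoggle", "onscrollend"}

RULES = [
    ("content locker", lambda n: re.search(r"CPAB|CPB|locker", n, re.I) is not None),
    ("google translate widget", lambda n: n.startswith(("MSG_", "MSGFUNC_")) or n in TRANSLATE_HELPERS),
    ("sentry", lambda n: n in {"Sentry", "__SENTRY__"}),
    ("google analytics / gtm", lambda n: n in GA_NAMES),
    ("jquery", lambda n: n in {"$", "jQuery"}),
    ("cloudflare rocket loader", lambda n: n == "__cfRLUnblockHandlers"),  # assumed attribution
    ("browser native", lambda n: n in BROWSER_NATIVE),
]


def attribute(pairs):
    """Bucket names by family; anything no rule claims goes to 'unattributed',
    which is where the page-specific code (the part worth reading) ends up.
    'google' is a namespace shared by several Google scripts and is left unattributed."""
    families = OrderedDict((name, []) for name, _ in RULES)
    families["unattributed"] = []
    for _type, name in pairs:
        for family, pred in RULES:
            if pred(name):
                families[family].append(name)
                break
        else:
            families["unattributed"].append(name)
    return families


if __name__ == "__main__":
    for family, names in attribute(parse_globals(GLOBALS_TEXT)).items():
        print("%-26s %s" % (family, ", ".join(names)))
```

Run against the full list, the "unattributed" bucket (myVar2, UserTimer, card, bntnext, date, forward, og_load) is the page's own prize-card and countdown logic, which is what a reverse engineer would pull from the DOM snapshot next.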

11 Cookies

Domain/Path Name / Value
.v.ht/ Name: _ga
Value: GA1.2.1262248977.1689581579
.v.ht/ Name: _gid
Value: GA1.2.1406929045.1689581579
.v.ht/ Name: _gat_gtag_UA_31510493_3
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.v.ht/ Name: __gads
Value: ID=88864be78e264032:T=1689581579:RT=1689581579:S=ALNI_MYA6XGVzYZ9FuOxiHJjjTKdhR_2NA
.v.ht/ Name: __gpi
Value: UID=00000c3e937f3ad3:T=1689581579:RT=1689581579:S=ALNI_Mb_erpM8UdC2uGNOMIZeZQNOxW1xQ
.v.ht/ Name: _ga_8TV54DGHNR
Value: GS1.1.1689581578.1.0.1689581580.0.0.0
tiktok.free-prize.site/ Name: _cpguid
Value: 8d2fcfxf4
.free-prize.site/ Name: _ga
Value: GA1.2.1748232990.1689581581
.free-prize.site/ Name: _gid
Value: GA1.2.1503022999.1689581581
.free-prize.site/ Name: _gat_customTemplateGlobal
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes seen during the scan. Their presence in this list does not imply that any of them is malicious.

26d35abcfac1a2c515593ec1ff347fad.safeframe.googlesyndication.com
ajax.googleapis.com
browser.sentry-cdn.com
d15skjf5hy9xr6.cloudfront.net
d266key948fg17.cloudfront.net
d2u5m3g6vn5zro.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
o425163.ingest.sentry.io
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tiktok.free-prize.site
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
v.ht
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
d2u5m3g6vn5zro.cloudfront.net
region1.google-analytics.com
108.138.34.181
136.243.91.167
142.250.181.226
142.250.181.232
142.250.184.225
142.250.184.228
142.250.185.106
142.250.185.194
142.250.185.206
142.250.185.99
142.250.186.131
142.250.186.161
142.250.186.42
143.204.101.211
151.101.130.217
172.217.18.10
172.217.18.2
172.217.23.110
18.173.184.26
216.239.34.36
34.120.195.249
69.61.26.123