giveaway.su Open in urlscan Pro
2606:4700:3032::681f:461d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://giveaway.su/giveaway/view/1782
Submission Tags: falconsandbox
Submission: On December 08 via api (December 8th 2020, 4:59:11 pm UTC) from US

Summary HTTP 37 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 11 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3032::681f:461d, located in United States and belongs to CLOUDFLARENET, US. The main domain is giveaway.su.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time giveaway.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3032::681f:461d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
3	2.16.106.208 2.16.106.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
37	9

11 2606:4700:3032::681f:461d (United States)

ASN13335 (CLOUDFLARENET, US)

giveaway.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.106.208 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-106-208.deploy.static.akamaitechnologies.com

steamcdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	giveaway.su giveaway.su	282 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	147 KB
5	doubleclick.net googleads.g.doubleclick.net
4	yandex.ru 1 redirects mc.yandex.ru	42 KB
3	akamaihd.net steamcdn-a.akamaihd.net	107 KB
3	cloudflare.com cdnjs.cloudflare.com	87 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	29 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	169 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	642 B
37	11

	Domain	Requested by
11	giveaway.su	giveaway.su
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	mc.yandex.ru	1 redirects giveaway.su
4	pagead2.googlesyndication.com	giveaway.su pagead2.googlesyndication.com
3	steamcdn-a.akamaihd.net	giveaway.su
3	cdnjs.cloudflare.com	giveaway.su cdnjs.cloudflare.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	maxcdn.bootstrapcdn.com	giveaway.su
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
37	12

This site contains links to these domains. Also see Links.

Domain
store.steampowered.com
steamdb.info
vloot.io
www.facebook.com
twitter.com
discord.gg
vk.com

Subject Issuer	Validity	Valid
giveaway.su Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://giveaway.su/giveaway/view/1782
Frame ID: E32655D946E92B8F8AF01A5E9ED18741
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 48D197B3FD4E62476A50F82EE1F401DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&adk=1812271804&adf=3025194257&lmt=1607446725&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732711&bpp=16&bdt=6709&idt=65&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3004320723710&frm=20&pv=2&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=88
Frame ID: 9F842E1BCC6993DB30F787567F5E5D6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=300&slotname=5609925032&adk=3199083228&adf=3708337159&pi=t.ma~as.5609925032&w=468&lmt=1607446725&rafmt=12&psa=0&format=468x300&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732727&bpp=5&bdt=6725&idt=85&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WZAvamxZLQ&p=https%3A//giveaway.su&dtd=96
Frame ID: 45F8F7D95F869FA9369B8E3D67428BB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=117&slotname=7379664364&adk=3970977540&adf=344000781&pi=t.ma~as.7379664364&w=468&fwrn=4&lmt=1607446725&rafmt=11&psa=0&format=468x117&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732732&bpp=2&bdt=6730&idt=133&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x300&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PrFgahaCFi&p=https%3A//giveaway.su&dtd=143
Frame ID: F8E3028443EA570989DDE10E66CFE4F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=250&slotname=5609925032&adk=1037274087&adf=913327582&pi=t.ma~as.5609925032&w=320&lmt=1607446725&rafmt=12&psa=0&format=320x250&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732734&bpp=2&bdt=6732&idt=146&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x300%2C468x117&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1135&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y680YyEwwk&p=https%3A//giveaway.su&dtd=152
Frame ID: 96385B9112E5614042A121EFF6C89634
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 7D39EED5DAC01093EFBEBB78FEA4F3CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

37
Requests

100 %
HTTPS

78 %
IPv6

11
Domains

12
Subdomains

9
IPs

5
Countries

721 kB
Transfer

1447 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://store.steampowered.com/app/494580
Title: View the game on Steam

Search URL Search Domain Scan URL

URL: https://steamdb.info/app/494580
Title: Search the game on SteamDB

Search URL Search Domain Scan URL

URL: https://vloot.io/?utm_source=giveaway.su&utm_medium=cpc&utm_campaign=Vloot
Title: More giveaways

Search URL Search Domain Scan URL

URL: https://www.facebook.com/giveawaysu/

Search URL Search Domain Scan URL

URL: https://twitter.com/giveaway_su

Search URL Search Domain Scan URL

URL: https://discord.gg/DSfejm8

Search URL Search Domain Scan URL

URL: https://vk.com/giveawaysu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://mc.yandex.ru/watch/44693908?wmode=7&page-url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0jw8vt%3Afp%3A6760%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A310%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A257965615%3Az%3A60%3Ai%3A20201208175852%3Aet%3A1607446733%3Ac%3A1%3Arn%3A635226207%3Arqn%3A1%3Au%3A1607446733474211236%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1607446725866%3Ads%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6654%2C0%2C%2C%2C%2C6790%3Adsn%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6657%2C0%2C%2C%2C%2C6790%3Arqnl%3A1%3Ati%3A2%3Ast%3A1607446733%3At%3AFree%20Steam%20keys%20%22STANDBY%22%20-%20GiveAway.su HTTP 302
https://mc.yandex.ru/watch/44693908/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0jw8vt%3Afp%3A6760%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A310%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A257965615%3Az%3A60%3Ai%3A20201208175852%3Aet%3A1607446733%3Ac%3A1%3Arn%3A635226207%3Arqn%3A1%3Au%3A1607446733474211236%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1607446725866%3Ads%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6654%2C0%2C%2C%2C%2C6790%3Adsn%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6657%2C0%2C%2C%2C%2C6790%3Arqnl%3A1%3Ati%3A2%3Ast%3A1607446733%3At%3AFree%20Steam%20keys%20%22STANDBY%22%20-%20GiveAway.su

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1782 Show response
giveaway.su/giveaway/view/ 38 KB
8 KB 131ms
98ms Document
text/html 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Champion/1.0.0

Resource Hash

09941ea9809d0b39bee974918cab597342fde1dc5882fd18b72f6c98ebb625ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: giveaway.su
:scheme: https
:path: /giveaway/view/1782
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:45 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dca676f122b5c5c5b107c073d8afd2dde1607446725; expires=Thu, 07-Jan-21 16:58:45 GMT; path=/; domain=.giveaway.su; HttpOnly; SameSite=Lax user=88falvoqr6206e45ae9govnnn7; expires=Wed, 08-Dec-2021 16:58:45 GMT; Max-Age=31536000; path=/; domain=giveaway.su; secure
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Champion/1.0.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache no-cache
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
last-modified: Tue, 08 Dec 2020 16:58:45 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
cf-request-id: 06e4e39d0d00002c56fe233000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jwR%2B%2BMcNeegHJxJZ1%2BobR6Qa%2FTc%2FQB1B4ui6w33oHFYua2K73PX%2BXkJ9sj6vm5CthLVj9OLbeWUcLAgsQuq%2Fm4R5HGMs8lLOytI5s3gcoXzsMwHMMJ%2BqWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fe80874ead32c56-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 6522ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://giveaway.su
Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
11 KB 38ms
16ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://giveaway.su
Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 534760
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10022
cf-request-id: 06e4e39d8d00001f3142971000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qTKNQBR1azJP1%2BhXGjbY5lQEEQPvw3hF7qqYucbaRvnz7LPjeNHvwOY9AOXaLpU1WJkUdNsXkdbPUca7t6r5ndjT4nN6kpBJukfsMy%2FAWSXiwg%2BXHdbr%2BFWWrE0fhrI5KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe80875ad5f1f31-FRA
expires: Sun, 28 Nov 2021 16:58:46 GMT

GET
H2 200 materialdesignicons.min.css
giveaway.su/assets/vendor/materialdesignicons/css/ 103 KB
18 KB 18ms
17ms Stylesheet
text/css 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://giveaway.su/assets/vendor/materialdesignicons/css/materialdesignicons.min.css

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

508e9ff8ec81b25cd376f4a76d6efbbbf05f9684b8560fe6f86be93ce1353b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2514384
cf-request-id: 06e4e39d7900002c5648ab5000000001
last-modified: Sun, 03 Jun 2018 16:42:51 GMT
server: cloudflare
etag: W/"5b141a8b-19cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DuUg7PppaptRvmt%2BocZPpLdlGaZDOHHyPx7eIBtYrfornXuk7IellQ5kAF7R%2BiIQLLH0AbSDiuiVFVontvCUw%2BEgiy3wzpkt7bOMmrPezN8lMcyE1VsnLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 5fe808758cce2c56-FRA
expires: Tue, 09 Nov 2021 14:32:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
46 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c300b2811698bc68ed2928ff2686ed40e21753f1d308956268f567ab2149e576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47065
x-xss-protection: 0
server: cafe
etag: 860246916715892492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 16:58:52 GMT

GET
H2 200 ad.js Show response
giveaway.su/new/ 74 B
424 B 104ms
103ms Script
application/javascript 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://giveaway.su/new/ad.js?adsdata=1607446725.8258

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Champion/1.0.0

Resource Hash

6916d3aa59c889405df7766218f3c6411c9c4ba0d6f05037f318dbce28336350

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Champion/1.0.0
vary: Accept-Encoding
cf-request-id: 06e4e39d7900002c56f5be2000000001
pragma: no-cache
last-modified: Tue, 08 Dec 2020 16:58:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lgcWeRMSvf8MMohGEnzNnCKTUzAXFk2%2BgkAFM5Q3oPUSek%2BCioI5UGWQk0JwyloO6bFJ3UJJz1aNvSBZHo%2B87SPL%2F%2BAtkjf43JMbB8n021ak7FgQCLALYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=7200, must-revalidate
cf-ray: 5fe808758ccf2c56-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 header-logo-en.png
giveaway.su/assets/images/template/ 10 KB
10 KB 18ms
16ms Image
image/png 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giveaway.su/assets/images/template/header-logo-en.png

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f085fda43cc39d62617246b869c0b4c9e894abce1b4b25d2962e1500c9cf905a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2620082
content-length: 10198
cf-request-id: 06e4e3b71200002c561f850000000001
last-modified: Fri, 11 Aug 2017 23:44:47 GMT
server: cloudflare
etag: "598e416f-27d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZMYScnNtStIUJBrz56%2FGA7obb%2FoH9oNWblwhlUHB4orWj83W3S%2FFrOzkZxA1hnpBhzcPLrh1yTg8Xdcno0bpTnzfby%2FzEsa75z%2BGCmnVQ%2B%2FNWqs5GyvTjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe8089e79ff2c56-FRA
expires: Mon, 08 Nov 2021 09:10:50 GMT

GET
H2 200 header.jpg
steamcdn-a.akamaihd.net/steam/apps/494580/ 27 KB
27 KB 95ms
30ms Image
image/jpeg 2.16.106.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/steam/apps/494580/header.jpg?t=1501506354
Requested by: Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.208 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-106-208.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8a6e281f9e024a4413ea8ec47e1675b37ed4b73be9d78de3212b7c9c6310cd25

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
last-modified: Fri, 06 Jan 2017 17:46:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "586fd7df-6caf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=602206
accept-ranges: bytes
content-length: 27823
expires: Tue, 15 Dec 2020 16:15:38 GMT

GET
H2 200 header.jpg
steamcdn-a.akamaihd.net/steam/apps/1409000/ 38 KB
39 KB 124ms
59ms Image
image/jpeg 2.16.106.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/steam/apps/1409000/header.jpg?t=1501506354
Requested by: Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.208 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-106-208.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0a491045bd6fb9a3481ce47f0e494e3e4dbe8cd57b84da77b9d7ccfcf33e0b00

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
last-modified: Thu, 10 Sep 2020 12:44:33 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f5a1fb1-99a4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428453
accept-ranges: bytes
content-length: 39332
expires: Sun, 13 Dec 2020 15:59:45 GMT

GET
H2 200 header.jpg
steamcdn-a.akamaihd.net/steam/apps/729660/ 40 KB
41 KB 149ms
84ms Image
image/jpeg 2.16.106.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/steam/apps/729660/header.jpg?t=1501506354
Requested by: Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.208 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-106-208.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 597af37c9b2ade9f6f4996667a80631457f9a4a0fabb493efa891da00ceb8c24

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
last-modified: Wed, 11 Oct 2017 20:43:12 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "59de8260-a182"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=579114
accept-ranges: bytes
content-length: 41346
expires: Tue, 15 Dec 2020 09:50:46 GMT

GET
H2 200 adjs-adblock-plus.png
giveaway.su/assets/images/adblock/ 48 KB
48 KB 19ms
17ms Image
image/png 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giveaway.su/assets/images/adblock/adjs-adblock-plus.png

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fd34570bf1f85e2e62f00aada47eb3335c4b05f5f9d0fe16e5198442eca337

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 834908
content-length: 48976
cf-request-id: 06e4e3b71100002c56268ef000000001
last-modified: Wed, 21 Nov 2018 20:14:29 GMT
server: cloudflare
etag: "5bf5bca5-bf50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nu36AfhpNij8DNdSagMfCClDQXxcbnjxIX%2BmzxvF%2Bep2BlDEIjD%2BKI6P7uyuYsT1imcRl8JeXTKere02qKWOLaRDWOFNj%2FCLZUjSJbNfiU7VjVmK4f%2Fp9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe8089e7a012c56-FRA
expires: Mon, 29 Nov 2021 01:03:44 GMT

GET
H2 200 adjs-adblock.png
giveaway.su/assets/images/adblock/ 88 KB
89 KB 25ms
23ms Image
image/png 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giveaway.su/assets/images/adblock/adjs-adblock.png

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7739c6198df993ba190985df7e6bc530c908888685ab2604f2cfcbe9827bdcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2890502
content-length: 90465
cf-request-id: 06e4e3b71100002c562a972000000001
last-modified: Wed, 21 Nov 2018 20:14:29 GMT
server: cloudflare
etag: "5bf5bca5-16161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9BDUdaUlrKJP2c1FL%2B0Nr3XIGGhxGWg6lvRHqJBpX%2BsO5iWT1A6tHtZFuwQe0HSWC819VUukf%2BXmfTIalvczqCR%2BLorDfJB7awfcodVEx0X%2FLlzAsNp17g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe8089e7a042c56-FRA
expires: Fri, 05 Nov 2021 06:03:50 GMT

GET
H2 200 adjs-ublock.png
giveaway.su/assets/images/adblock/ 64 KB
65 KB 24ms
22ms Image
image/png 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giveaway.su/assets/images/adblock/adjs-ublock.png

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c7c994e7f84aa369efe3f927a58e8a11fda15b922570f95ade440ba4b2e47c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 834908
content-length: 66014
cf-request-id: 06e4e3b71100002c56f91c7000000001
last-modified: Wed, 21 Nov 2018 20:14:29 GMT
server: cloudflare
etag: "5bf5bca5-101de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qwAILhzgBaeQV9ohEiuqIHObs2YT5JLOkRfLsWBaAZA2xdjcz8bfY1coXNbb%2F%2BN%2F%2Bx0O7%2BTQmwNzt4vh%2BfI%2BeUC3IqXeCvlKwFzGigLjDbU57gfaM2CVSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe8089e7a072c56-FRA
expires: Mon, 29 Nov 2021 01:03:44 GMT

GET
H2 200 jquery.min.js Show response
giveaway.su/assets/vendor/jquery/ 85 KB
29 KB 19ms
18ms Script
application/javascript 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://giveaway.su/assets/vendor/jquery/jquery.min.js

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 381203
cf-request-id: 06e4e39de100002c565634e000000001
last-modified: Fri, 11 Aug 2017 22:12:22 GMT
server: cloudflare
etag: W/"598e2bc6-15282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hv3kdMjpzXT1UmWFUqkJzxa9HbpvRnRY92%2FF8uNTir%2BNp8AWISaOZ3obS4Qomthek1MmsHWtpxmY0ZvVQa7NHN9Zi2F9u8ZSg%2Bpxaiz2TTFFd9EthHzcKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5fe808763e822c56-FRA
expires: Sat, 04 Dec 2021 07:05:23 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 6408ms
25ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://giveaway.su
Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.7.0/js/ 4 KB
2 KB 61ms
47ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.7.0/js/md5.min.js

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23408009ba01435932dbdf7fe0b562dadcc484239fc757bb2db09c1619fb33c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 534713
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1346
cf-request-id: 06e4e3b72900001f1569910000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-f2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gzj6cV6HoW28gP%2FzhO9tCQKOCwZRNqJvlrwyur1C0nQ2U3o6ncH3i4mp4sO5T%2F%2ByBvqsoa8UaQXW7VzoCnnn4AAAIamxbjqveq3tCiFb%2B%2BQmLNai3dUyuKdas3rWqNywMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe8089e8b8b1f15-FRA
expires: Sun, 28 Nov 2021 16:58:52 GMT

GET
H2 200 main.js Show response
giveaway.su/assets/js/ 28 KB
6 KB 29ms
27ms Script
application/javascript 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://giveaway.su/assets/js/main.js?version=071220202359

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4d5c733c95836c25c9c14e3a4040ecadbf4d7ae164449dc21bc5546f9f9107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 24568
cf-request-id: 06e4e3b71000002c561d88e000000001
last-modified: Mon, 07 Dec 2020 21:00:40 GMT
server: cloudflare
etag: W/"5fce97f8-6f2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mfHPQKoHJA%2FEkyM1Odq7lTrMW8mDMwSFWNRS9cKzZKLgR6jEMYIXqZ%2Fay5CqrtBdiUKLeU24xKYtoUdvpbDRoviHva%2BuAGcDU%2FWV43ue2%2BQcfuiyvo%2FhQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5fe8089e79fc2c56-FRA
expires: Wed, 08 Dec 2021 10:09:24 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 116 KB
41 KB 131ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4ac6a5d5c97e4cdb9204457a65ede6f2feacec1cbbb58d97c570e20d4bbec3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: br
last-modified: Mon, 07 Dec 2020 18:16:38 GMT
etag: "5fca462d-a0d8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 41176
expires: Tue, 08 Dec 2020 17:58:52 GMT

GET
H2 200 steam-icons.png
giveaway.su/assets/images/ 1 KB
2 KB 12ms
12ms Image
image/png 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giveaway.su/assets/images/steam-icons.png

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0003af8a3cf240091a4c17f523ab213e1646c8c0845190918f8893633f5e5568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2714425
content-length: 1213
cf-request-id: 06e4e3b71300002c562a1af000000001
last-modified: Fri, 11 Aug 2017 23:23:47 GMT
server: cloudflare
etag: "598e3c83-4bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cog8ksUCKyR3dz0Y1oWdURAHEdyFYeFimz6Uql%2FPxsPW21avUERbRJeF%2BK5ZyLtYFfbcKR33CyANMhtWnWGkWe6tonfDtr2B3wdqWhvxYvdmQclkfrNqFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe8089e8a132c56-FRA
expires: Sun, 07 Nov 2021 06:58:27 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
74 KB 15ms
15ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://giveaway.su
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 534762
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75336
cf-request-id: 06e4e3b71400001f317ab9e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1fiwlFonnJF3CcUqTSEtM3WrtWWwMyFNBHWzpSZJdWx%2FZ%2B9m469mKLrkY8K6bA9mfbRGpLRcnFytUEaVRPfRhQZ%2Fmb2EpHqQKSc2vDbFTFum90D0wgAVQxBZBaC3O54bng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe8089e89751f31-FRA
expires: Sun, 28 Nov 2021 16:58:52 GMT

GET
H2 200 social.png
giveaway.su/assets/images/ 6 KB
7 KB 14ms
14ms Image
image/png 2606:4700:3032::681f:461d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giveaway.su/assets/images/social.png

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681f:461d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd382bc2adf1e8957875fb7adf7d7bb5b0b907cbd52ee13abdb7f8412be3a14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2514377
content-length: 6343
cf-request-id: 06e4e3b77500002c566e9ef000000001
last-modified: Fri, 11 Aug 2017 22:12:22 GMT
server: cloudflare
etag: "598e2bc6-18c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B8tkVqyJrsXWrBdgHaR9WNth8Ll6DnAo%2FiWTLVaI5TNuHgaPlgMySH9QF87nKRCTdcVa8YTyX27g9cSHFFL0UA1KvOMNwIf4FSvqf2BxUAuvpYdeKLq06A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fe8089f1b9b2c56-FRA
expires: Tue, 09 Nov 2021 14:32:35 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 16:58:52 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 48D1 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://giveaway.su/giveaway/view/1782
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://giveaway.su/giveaway/view/1782

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Dec 2020 10:01:15 GMT
expires: Tue, 22 Dec 2020 10:01:15 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 25057
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
642 B 99ms
36ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=giveaway.su&callback=_gfp_s_&client=ca-pub-9511722580094287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

5641e2dbb3850361bf291d42be046aaa28910bc0d1510f0cd0d659244a8f5b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=giveaway.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 18ms
17ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=giveaway.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9F84 0
0 60ms
59ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&adk=1812271804&adf=3025194257&lmt=1607446725&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732711&bpp=16&bdt=6709&idt=65&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3004320723710&frm=20&pv=2&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&adk=1812271804&adf=3025194257&lmt=1607446725&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732711&bpp=16&bdt=6709&idt=65&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3004320723710&frm=20&pv=2&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://giveaway.su/giveaway/view/1782
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://giveaway.su/giveaway/view/1782

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Dec 2020 16:58:52 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 08-Dec-2020 17:13:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Dec 2020 16:58:52 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28447
x-xss-protection: 0
expires: Tue, 08 Dec 2020 16:58:52 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 45F8 0
0 313ms
313ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=300&slotname=5609925032&adk=3199083228&adf=3708337159&pi=t.ma~as.5609925032&w=468&lmt=1607446725&rafmt=12&psa=0&format=468x300&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732727&bpp=5&bdt=6725&idt=85&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WZAvamxZLQ&p=https%3A//giveaway.su&dtd=96

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=300&slotname=5609925032&adk=3199083228&adf=3708337159&pi=t.ma~as.5609925032&w=468&lmt=1607446725&rafmt=12&psa=0&format=468x300&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732727&bpp=5&bdt=6725&idt=85&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WZAvamxZLQ&p=https%3A//giveaway.su&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://giveaway.su/giveaway/view/1782
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://giveaway.su/giveaway/view/1782

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Dec 2020 16:58:53 GMT
server: cafe
content-length: 13051
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 08-Dec-2020 17:13:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Dec 2020 16:58:53 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.ru/watch/44693908/
Redirect Chain

https://mc.yandex.ru/watch/44693908?wmode=7&page-url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0jw8vt%3Afp%3A6760%3A...
https://mc.yandex.ru/watch/44693908/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0jw8vt%3Afp%3A6760%...

186 B
268 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/44693908/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0jw8vt%3Afp%3A6760%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A310%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A257965615%3Az%3A60%3Ai%3A20201208175852%3Aet%3A1607446733%3Ac%3A1%3Arn%3A635226207%3Arqn%3A1%3Au%3A1607446733474211236%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1607446725866%3Ads%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6654%2C0%2C%2C%2C%2C6790%3Adsn%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6657%2C0%2C%2C%2C%2C6790%3Arqnl%3A1%3Ati%3A2%3Ast%3A1607446733%3At%3AFree%20Steam%20keys%20%22STANDBY%22%20-%20GiveAway.su

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1c3ca81c4bd9811c6f5d067d51a0679a1a6baa814d8a5f8de5d07274b52bbd97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 16:58:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 08-Dec-2020 16:58:52 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://giveaway.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Tue, 08-Dec-2020 16:58:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Dec 2020 16:58:52 GMT
last-modified: Tue, 08-Dec-2020 16:58:52 GMT
location: /watch/44693908/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0jw8vt%3Afp%3A6760%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A310%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A257965615%3Az%3A60%3Ai%3A20201208175852%3Aet%3A1607446733%3Ac%3A1%3Arn%3A635226207%3Arqn%3A1%3Au%3A1607446733474211236%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1607446725866%3Ads%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6654%2C0%2C%2C%2C%2C6790%3Adsn%3A7%2C25%2C99%2C1%2C0%2C0%2C%2C6657%2C0%2C%2C%2C%2C6790%3Arqnl%3A1%3Ati%3A2%3Ast%3A1607446733%3At%3AFree%20Steam%20keys%20%22STANDBY%22%20-%20GiveAway.su
strict-transport-security: max-age=31536000
access-control-allow-origin: https://giveaway.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 08-Dec-2020 16:58:52 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame F8E3 0
0 475ms
474ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=117&slotname=7379664364&adk=3970977540&adf=344000781&pi=t.ma~as.7379664364&w=468&fwrn=4&lmt=1607446725&rafmt=11&psa=0&format=468x117&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732732&bpp=2&bdt=6730&idt=133&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x300&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PrFgahaCFi&p=https%3A//giveaway.su&dtd=143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=117&slotname=7379664364&adk=3970977540&adf=344000781&pi=t.ma~as.7379664364&w=468&fwrn=4&lmt=1607446725&rafmt=11&psa=0&format=468x117&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732732&bpp=2&bdt=6730&idt=133&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x300&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=642&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PrFgahaCFi&p=https%3A//giveaway.su&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://giveaway.su/giveaway/view/1782
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://giveaway.su/giveaway/view/1782

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Dec 2020 16:58:53 GMT
server: cafe
content-length: 24309
x-xss-protection: 0
set-cookie: IDE=AHWqTUmXQXW5ZxDHShyG6Uf7-hh9ImnsN430PQB9kUu3ggidTma6TVB7YgOZHyKW; expires=Sun, 02-Jan-2022 16:58:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Dec 2020 16:58:53 GMT
cache-control: private

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 43ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: giveaway.su
URL: https://giveaway.su/giveaway/view/1782

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:52 GMT
last-modified: Mon, 07 Dec 2020 18:16:38 GMT
etag: "5fca462d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 08 Dec 2020 17:58:52 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9638 0
0 561ms
559ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=250&slotname=5609925032&adk=1037274087&adf=913327582&pi=t.ma~as.5609925032&w=320&lmt=1607446725&rafmt=12&psa=0&format=320x250&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732734&bpp=2&bdt=6732&idt=146&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x300%2C468x117&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1135&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y680YyEwwk&p=https%3A//giveaway.su&dtd=152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9511722580094287&output=html&h=250&slotname=5609925032&adk=1037274087&adf=913327582&pi=t.ma~as.5609925032&w=320&lmt=1607446725&rafmt=12&psa=0&format=320x250&url=https%3A%2F%2Fgiveaway.su%2Fgiveaway%2Fview%2F1782&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607446732734&bpp=2&bdt=6732&idt=146&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x300%2C468x117&nras=1&correlator=3004320723710&frm=20&pv=1&ga_vid=752134949.1607446733&ga_sid=1607446733&ga_hid=2026990195&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1135&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067214%2C21068946&oid=3&pvsid=2069876728001140&pem=221&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8448&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y680YyEwwk&p=https%3A//giveaway.su&dtd=152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://giveaway.su/giveaway/view/1782
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://giveaway.su/giveaway/view/1782

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Dec 2020 16:58:53 GMT
server: cafe
content-length: 26015
x-xss-protection: 0
set-cookie: IDE=AHWqTUmslEjRwL3Jowf6FsglgPzMLsFlfxwehVTuJTNZNGrFcfmJni69zmG2GkrT; expires=Sun, 02-Jan-2022 16:58:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Dec 2020 16:58:53 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
28ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78710054aa1101bdfe5349564e93e23e1eb3ac07e0c501c468e715f0c52af1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 16:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6408
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 16:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 08 Dec 2020 16:58:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7D39 0
0 7ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://giveaway.su/giveaway/view/1782
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://giveaway.su/giveaway/view/1782

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 08 Dec 2020 15:53:02 GMT
expires: Wed, 08 Dec 2021 15:53:02 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3951
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 16ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=2069876728001140&bg=!bm2lbU3NAAUbEDgJG1j0Hp6xGXRzlQIAAAC_UgAAACBoAQcKAbtOYs3oGVg4D_4z3TK-2H29Xzgw8h7TnfwSgCW2GcW4xG3RjEUQvDia_ro_L834HjhEmDqlf4mYT4pJpVBvqNP7Gl33x5XtsYZFlg8PkM0e7e1hmqGENoggIYYpoX4FMl6ROIx4YEqctLKvWfz7-Kr4orHDzexb6dc5b9LD3uSmEFYtTQSyPxI7xOxYhVf8exVIfxaKcEnHGYI0NVw5m9-AA3U9dpFn9MM7JuGXX2SA1anrsVqXI_n1ISO8jI52bTdz-_NoVtk9kPezVpsTi3FqHCsshTXGyH2Xs6X4XFXgKz_znrO-Nn4WHI85UAgICaCt8sgDMHFxpPt_FRrG6H_ubHF3Ek-59NzCY6vn5vGGyicUFYlwZYfXMzZbuaVHJWq0nxFrQQevD3FZ-rwBM5_DvLS0MeUktoPgSPBMXUdDbhfmQz_gswj4fpXwcMSGI-9JtqdcQlDSW-6VGDQRo_uJmNz2GxrdSYHCtQrFSxqYEk58rUHTICkv3LXO82FF671Ffc6t4nQOlNJA59VBE7WbypShMDk6iBS_vDyE09J0BW8vD4XZTjH9uISQzQgG2OeMk-a15z5d2rHnbZkBtDfSaiFvXoJ7OjN_dLUneCQuVFFWY9yUtd_to7Q_5L4uHYNs7CjrwC1SbDVVKu9KNFu0fMuCDOduFJHxCnsMnlCpox6MtPFlK6KB2YW721lmTurDDJleQ5HJOrrk9a8mU_Po__YZ-Fjxm9t0utn1dL7FcpHLTZ8Ukz_Pqa4sU9hgETzWumIIMvh1dqz7m5kr8pJ-o3CU_hN1pd4xjY0e7Qv6liJOr_h-zAVvXze4VuOKBjTJQxyl6tI1B0vVxtcxoFfhjOf9gRvdrp88PiyFlyu4GDTZsSytAJLhux7LneQhM-KPAG-95milISxj1bZZwUFUIahloOUiWxm4Ba6fBc9WR3PuhD7sFg86hzv4yjNkATH_AQSCzll6YUUnAC-6JzCEB0BCe0f9ZR94Mez7ws3EzUdgxNzghH0Okdy2RTPeCMX-CTrYGImxrOa2ZYYmAm-N-76Yo2fa3NSpa7VjzCC4jg46vXOoaWsOcBQU4fif4GkYYeY4W6akTy7uT2pZesoE4A3Tmbbmc9QlNcmb5FK3CAEKFW8VCNTwfIRK-XfzqEV0gdIAoXbN_cCpoqLuE2X4MRI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.su/giveaway/view/1782
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 16:58:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 14:30:50	Name: DSID Value: NO_DATA
.giveaway.su/	1970-01-19 14:30:48	Name: _ym_visorc Value: w
.giveaway.su/	1970-01-19 14:31:58	Name: _ym_isad Value: 2
.giveaway.su/	1970-01-19 23:52:22	Name: __gads Value: ID=f04b9c005bd53f56-227f50f486a6008f:T=1607446732:RT=1607446732:S=ALNI_MYyFs4dcekXEq5UPRqgxBAbWAwISQ
.giveaway.su/	1970-01-19 23:16:22	Name: _ym_uid Value: 1607446733474211236
.giveaway.su/	1970-01-19 23:16:22	Name: _ym_d Value: 1607446733
.giveaway.su/	1970-01-19 23:16:22	Name: user Value: 88falvoqr6206e45ae9govnnn7
.doubleclick.net/	1970-01-19 23:52:22	Name: IDE Value: AHWqTUmslEjRwL3Jowf6FsglgPzMLsFlfxwehVTuJTNZNGrFcfmJni69zmG2GkrT
.giveaway.su/	1970-01-19 15:13:58	Name: __cfduid Value: dca676f122b5c5c5b107c073d8afd2dde1607446725

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
giveaway.su
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
steamcdn-a.akamaihd.net
tpc.googlesyndication.com
www.googletagservices.com
2.16.106.208
2001:4de0:ac19::1:b:2b
216.58.206.2
2606:4700:3032::681f:461d
2606:4700::6810:135e
2a00:1450:4001:800::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2001
2a02:6b8::1:119
0003af8a3cf240091a4c17f523ab213e1646c8c0845190918f8893633f5e5568
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09941ea9809d0b39bee974918cab597342fde1dc5882fd18b72f6c98ebb625ef
0a491045bd6fb9a3481ce47f0e494e3e4dbe8cd57b84da77b9d7ccfcf33e0b00
187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4
1c3ca81c4bd9811c6f5d067d51a0679a1a6baa814d8a5f8de5d07274b52bbd97
23408009ba01435932dbdf7fe0b562dadcc484239fc757bb2db09c1619fb33c6
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
3c7c994e7f84aa369efe3f927a58e8a11fda15b922570f95ade440ba4b2e47c9
4ac6a5d5c97e4cdb9204457a65ede6f2feacec1cbbb58d97c570e20d4bbec3d0
508e9ff8ec81b25cd376f4a76d6efbbbf05f9684b8560fe6f86be93ce1353b66
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5641e2dbb3850361bf291d42be046aaa28910bc0d1510f0cd0d659244a8f5b2a
597af37c9b2ade9f6f4996667a80631457f9a4a0fabb493efa891da00ceb8c24
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6916d3aa59c889405df7766218f3c6411c9c4ba0d6f05037f318dbce28336350
7739c6198df993ba190985df7e6bc530c908888685ab2604f2cfcbe9827bdcd1
78710054aa1101bdfe5349564e93e23e1eb3ac07e0c501c468e715f0c52af1ed
8a6e281f9e024a4413ea8ec47e1675b37ed4b73be9d78de3212b7c9c6310cd25
a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f
ae4d5c733c95836c25c9c14e3a4040ecadbf4d7ae164449dc21bc5546f9f9107
c300b2811698bc68ed2928ff2686ed40e21753f1d308956268f567ab2149e576
cd382bc2adf1e8957875fb7adf7d7bb5b0b907cbd52ee13abdb7f8412be3a14f
d3fd34570bf1f85e2e62f00aada47eb3335c4b05f5f9d0fe16e5198442eca337
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f085fda43cc39d62617246b869c0b4c9e894abce1b4b25d2962e1500c9cf905a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

giveaway.su Open in urlscan Pro 2606:4700:3032::681f:461d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

78 %IPv6

11 Domains

12 Subdomains

9 IPs

5 Countries

721 kBTransfer

1447 kBSize

9 Cookies

7 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

giveaway.su Open in urlscan Pro
2606:4700:3032::681f:461d Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

78 %
IPv6

11
Domains

12
Subdomains

9
IPs

5
Countries

721 kB
Transfer

1447 kB
Size

9
Cookies

37 HTTP transactions
0 data transactions