URL: http://giveaway-baim.ga/
Submission: On November 28 via manual from GB

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 24 HTTP transactions. The main IP is 62.77.156.111, located in Lithuania and belonging to RACKRAY UAB Rakrejus, LT. The main domain is giveaway-baim.ga.
This is the only time giveaway-baim.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network), Generic Gaming (Entertainment)

Domain & IP information

Requests | IP Address | AS | Autonomous System
8 | 62.77.156.111 | 62282 | (RACKRAY U...)
1 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
2 | 2001:4de0:ac1... | 20446 | (HIGHWINDS3)
2 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
1 | 2606:4700:20:... | 13335 | (CLOUDFLAR...)
1 | 104.111.252.192 | 16625 | (AKAMAI-AS)
2 | 13.224.93.119 | 16509 | (AMAZON-02)
1 | 2.16.186.73 | 20940 | (AKAMAI-ASN1)
1 | 2.16.177.66 | 20940 | (AKAMAI-ASN1)
1 | 2001:4de0:ac1... | 20446 | (HIGHWINDS3)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 24 requests, 13 IPs

Requests | Domain | Requested by
8 | giveaway-baim.ga | giveaway-baim.ga
2 | ajax.googleapis.com | giveaway-baim.ga
2 | p.ipricegroup.com | giveaway-baim.ga
2 | www.static-src.com | giveaway-baim.ga
2 | stackpath.bootstrapcdn.com | giveaway-baim.ga, stackpath.bootstrapcdn.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | giveaway-baim.ga
1 | code.jquery.com | giveaway-baim.ga
1 | cdn1-production-images-kly.akamaized.net | giveaway-baim.ga
1 | ecs7.tokopedia.net | giveaway-baim.ga
1 | store.storeimages.cdn-apple.com | giveaway-baim.ga
1 | static.bmdstatic.com | giveaway-baim.ga
1 | cdnjs.cloudflare.com | giveaway-baim.ga
Total: 24 requests, 13 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year (crt.sh)
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year (crt.sh)
static-src.com | Cloudflare Inc ECC CA-3 | 2020-06-30 - 2021-06-30 | a year (crt.sh)
store.storeimages.cdn-apple.com | Apple IST CA 2 - G1 | 2019-03-08 - 2021-04-06 | 2 years (crt.sh)
p.ipricegroup.com | Amazon | 2020-08-06 - 2021-09-06 | a year (crt.sh)
tokopedia.net | Let's Encrypt Authority X3 | 2020-10-26 - 2021-01-24 | 3 months (crt.sh)
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2020-07-15 - 2021-09-13 | a year (crt.sh)
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: http://giveaway-baim.ga/
Frame ID: 96EC9B1D30C7EA27E9BB69D8F7AD3CEE
Requests: 24 HTTP requests in this frame


Detected technologies

Technology matched by pattern: animate.css (overall confidence: 100%)
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Technology matched by pattern: LiteSpeed (overall confidence: 100%)
  • headers server /^LiteSpeed$/i

Technology matched by pattern: font-awesome (overall confidence: 100%)
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

Requests: 24
HTTPS: 63 %
IPv6: 62 %
Domains: 12
Subdomains: 13
IPs: 13
Countries: 5
Transfer: 735 kB
Size: 1084 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | giveaway-baim.ga/ | 14 KB | 3 KB | Document
General
Full URL
http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
b6e4d70c8b48078b7f132fd8a65d12a09eea4d12a2d09f95615cc11eb5dddcc0

Request headers

Host
giveaway-baim.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Sat, 28 Nov 2020 04:33:59 GMT
Server
LiteSpeed
style.css | giveaway-baim.ga/css/ | 7 KB | 2 KB | Stylesheet
General
Full URL
http://giveaway-baim.ga/css/style.css
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
d85d76a69d8fa5169c0ac71a487e170f6bf193bde58d1138688578a541683f5a

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 11:10:14 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1577
Expires
Sat, 05 Dec 2020 04:33:59 GMT
facebook.css | giveaway-baim.ga/css/login/ | 3 KB | 1 KB | Stylesheet
General
Full URL
http://giveaway-baim.ga/css/login/facebook.css
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jul 2020 09:39:50 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
775
Expires
Sat, 05 Dec 2020 04:33:59 GMT
animate.css | giveaway-baim.ga/css/ | 76 KB | 5 KB | Stylesheet
General
Full URL
http://giveaway-baim.ga/css/animate.css
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jul 2020 09:39:50 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4774
Expires
Sat, 05 Dec 2020 04:33:59 GMT
material-design-iconic-font.css | cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ | 83 KB | 6 KB | Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:125e, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
234234
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
6252
cf-request-id
06aeba272b0000c2b3279b5000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
etag
"5eb03ed9-14d38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M6ychzCDuwc3%2FfWIuQfn4Un08vjWZUM2bCPrDci5RLSTm5RybxF3lAVSCE%2F%2F04yOfm6yWF64ESpbws63X8HYOQCi4fYJPWGlEca7BexWuRFla2Niha4uac993j4nOw98%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f915fb84f5ac2b3-FRA
expires
Thu, 18 Nov 2021 04:33:59 GMT
font-awesome.min.css | stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b, Netherlands, ASN20446 (HIGHWINDS3, US)
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://giveaway-baim.ga
Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
facebook_icon.png | giveaway-baim.ga/img/login/ | 78 KB | 78 KB | Image
General
Full URL
http://giveaway-baim.ga/img/login/facebook_icon.png
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Last-Modified
Tue, 07 Jul 2020 09:39:52 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
79439
Expires
Sat, 05 Dec 2020 04:33:59 GMT
apple_iphone_11_128_gb_-nano_simcard_-_esim-_full09.jpg | www.static-src.com/wcsstore/Indraprastha/images/catalog/medium//102/MTA-4195875/ | 4 KB | 4 KB | Image
General
Full URL
https://www.static-src.com/wcsstore/Indraprastha/images/catalog/medium//102/MTA-4195875/apple_iphone_11_128_gb_-nano_simcard_-_esim-_full09.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:999, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
d93f083b1be05e3d86802fca196131bfdedbb207a9e2c3d1de799f272e8e2643
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:33:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept-Encoding
content-length
4022
cf-request-id
06aeba273e000005e469a05000000001
last-modified
Sat, 21 Sep 2019 01:20:23 GMT
server
cloudflare
etag
"cffGtE23RJi-duEtfqsWKD-w:5d857ad7-2162"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
cache-control
public,max-age=31536000
cf-resized
internal=ok/h t=0.034 v=2020.11.4
accept-ranges
bytes
cf-ray
5f915fb86a4905e4-FRA
5de4acd8bcbee.jpg | static.bmdstatic.com/pk/product/medium/ | 17 KB | 18 KB | Image
General
Full URL
https://static.bmdstatic.com/pk/product/medium/5de4acd8bcbee.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:a4a, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
14458ff7adfa65a1088ce003800f1dbc5c72981c4f19b53c9d07a38707cbae66

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:33:59 GMT
content-encoding
base64
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2544
cf-polished
origSize=20902, status=webp_bigger
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-length
17524
cf-request-id
06aeba275500001fbafe2a9000000001
access-control-allow-origin
*
last-modified
Mon, 02 Dec 2019 06:19:06 GMT
server
cloudflare
etag
"56cee885bb938cc187dbef27dbfbf2aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OpH0RvvAkhdm3D4bGcg%2B22seGvFkaWfY%2Fvlbv%2F4C8rFlPqytGF6a7amjxDoMvP24iRXcNFreR3jqMLDHOPczAHilSBpmtJdkpfs1WgUlZxnU3Yvj3oRV0tI6LJY5VzWAPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg
via
1.1 298295dc49d01ca277aeb7439bbb326f.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
MXP64-C2
accept-ranges
bytes
cf-ray
5f915fb88a8d1fba-AMS
x-amz-cf-id
K0KrssOdPe_Fi4V9f6iT0WdijyJTkYwqxjdzub3TbbjeqFhga468sQ==
cf-bgj
imgq:100,h2pri
HNKZ2_AV2 | store.storeimages.cdn-apple.com/4982/as-images.apple.com/is/ | 290 KB | 290 KB | Image
General
Full URL
https://store.storeimages.cdn-apple.com/4982/as-images.apple.com/is/HNKZ2_AV2?wid=1144&hei=1144&fmt=jpeg&qlt=95&op_usm=0.5,0.5&.v=1582240205864
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_256_GCM
Server
104.111.252.192, Netherlands, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-111-252-192.deploy.static.akamaitechnologies.com
Software
Apple
Resource Hash
e7304359cd2386f2c65dc9471f8f585ca48c3d4a799969c55e369547d795d922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Server
Apple
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
X-Cache
TCP_HIT from a2-16-187-47.deploy.akamaitechnologies.com (AkamaiGHost/10.2.2.1-31386017) (-)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN
Cache-Control
max-age=103
Connection
keep-alive
x-shred
aa3bfe56a8f5272c9bd71b16fc8ca261
Content-Length
296462
X-CDN
Akam
Expires
Sat, 28 Nov 2020 04:35:42 GMT
uploaded_b23c641995124cbb8c30d2a82d6fad08.jpg | p.ipricegroup.com/ | 5 KB | 5 KB | Image
General
Full URL
https://p.ipricegroup.com/uploaded_b23c641995124cbb8c30d2a82d6fad08.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.224.93.119, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-224-93-119.zrh50.r.cloudfront.net
Software
AmazonS3
Resource Hash
1f1130ede9c7dcd3e15361738c13ced23c3dd2398e02ec148a4ab608554757c9

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 09:56:00 GMT
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Apr 2019 08:10:34 GMT
server
AmazonS3
age
412680
etag
"428dc1d61a5bbea4b634c974944a1e2f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
5102
x-amz-cf-id
CMDKVHjiEoYj-ZOBoZZraMUygDDfP7kMsvvo36Ch0tvU63zPaJHMBA==
apple_iphone-7-plus-128gb-rose-gold_full02.jpg | www.static-src.com/wcsstore/Indraprastha/images/catalog/full//86/MTA-1364432/ | 11 KB | 12 KB | Image
General
Full URL
https://www.static-src.com/wcsstore/Indraprastha/images/catalog/full//86/MTA-1364432/apple_iphone-7-plus-128gb-rose-gold_full02.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:999, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
0fe2c36a7d22bf42fd0e3d766fa0dc055df86e2a6df5fed67b0d24a6ce4807f9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:33:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept-Encoding
content-length
11654
cf-request-id
06aeba273e000005e49b156000000001
last-modified
Mon, 28 Aug 2017 02:13:45 GMT
server
cloudflare
etag
"cfQwds9Kp02F_n--ujfxR95w:59a37c59-64f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
cache-control
public,max-age=31536000
cf-resized
internal=ok/h t=0.108 v=2020.11.4
accept-ranges
bytes
cf-ray
5f915fb86a4a05e4-FRA
uploaded_78a665c0c107c84facf5cecf194826c8.jpg | p.ipricegroup.com/ | 10 KB | 10 KB | Image
General
Full URL
https://p.ipricegroup.com/uploaded_78a665c0c107c84facf5cecf194826c8.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.224.93.119, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-224-93-119.zrh50.r.cloudfront.net
Software
AmazonS3
Resource Hash
d2b3a582c6b1f9c10c3a88dbbe71f942b6165b0c98a4827da92582283e374e5d

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 11:47:31 GMT
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified
Wed, 12 Sep 2018 05:48:16 GMT
server
AmazonS3
age
6626789
etag
"1f327c4e3dec1b35e09234cc6680bb1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
10106
x-amz-cf-id
g9tpWhz65yNcuEiGXrg5f-yBhjwOCZSx_Ws_PMgHCveTv4ILc0BaaA==
47699944_699293f5-5b9e-4606-924f-f6457ab843f9_800_803.jpg | ecs7.tokopedia.net/img/cache/700/product-1/2019/1/28/47699944/ | 30 KB | 31 KB | Image
General
Full URL
https://ecs7.tokopedia.net/img/cache/700/product-1/2019/1/28/47699944/47699944_699293f5-5b9e-4606-924f-f6457ab843f9_800_803.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2.16.186.73, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS
a2-16-186-73.deploy.static.akamaitechnologies.com
Software
AmazonS3
Resource Hash
2c8c781b6d671a88b2367aee1663fd22f43ebd7ea0d5a4c2cdf9743b12d67cab

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
YzEm50oz9RbQ4SCvwmZo_H385AfiseGI
x-amz-expiration
expiry-date="Tue, 02 Feb 2021 00:00:00 GMT", rule-id="Cache Image Upload"
last-modified
Sun, 02 Feb 2020 16:31:58 GMT
server
AmazonS3
x-amz-request-id
798C04DC497ABD43
etag
"21628224838d380260b971a9ca19a584"
access-control-max-age
31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=27576787
date
Sat, 28 Nov 2020 04:33:59 GMT
accept-ranges
bytes
content-length
30902
x-amz-id-2
ifSOxL2weIrtyEUIAsv3dflTHY9XzcJiAl6kPEzbfLv2d8FL+hOfJQjKnGa+EuKUaYMNY4NmIKk=
expires
Wed, 13 Oct 2021 08:47:06 GMT
037900200_1433533991-1.jpg | cdn1-production-images-kly.akamaized.net/GQtUg9KSCzvEej_F15CSC-cEq38=/640x640/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/894236/original/ | 59 KB | 59 KB | Image
General
Full URL
https://cdn1-production-images-kly.akamaized.net/GQtUg9KSCzvEej_F15CSC-cEq38=/640x640/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/894236/original/037900200_1433533991-1.jpg
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.66, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS
a2-16-177-66.deploy.static.akamaitechnologies.com
Software
nginx
Resource Hash
8890d6fb9ef4b11e59f7d8dceb47dea57f3df3e2e81331448455f38c7997387e

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache
MISS
date
Sat, 28 Nov 2020 04:33:59 GMT
x-ttl
300.000
x-amz-cf-pop
FRA2-C1
etag
"2806cd526f6696ed93e4f6e0ab132dfb2230fcb9"
x-varnish
15706756
server-node
ip-10-10-204-96
cache-control
public, max-age=30205053
accept-ranges
bytes
content-type
image/jpeg
content-length
59911
x-amz-cf-id
hEPdSbUSBGT0IC5DUP2bIOOYMWyizpVlfOc1VsVFPD-wCm1wOuSekQ==
server
nginx
expires
Fri, 12 Nov 2021 18:51:32 GMT
facebook_text.png | giveaway-baim.ga/img/login/ | 28 KB | 28 KB | Image
General
Full URL
http://giveaway-baim.ga/img/login/facebook_text.png
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Last-Modified
Tue, 07 Jul 2020 09:39:52 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
28789
Expires
Sat, 05 Dec 2020 04:33:59 GMT
jquery-1.10.2.min.js | code.jquery.com/ | 91 KB | 32 KB | Script
General
Full URL
http://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:2a, Netherlands, ASN20446 (HIGHWINDS3, US)
Software
nginx
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-16bb3"
Vary
Accept-Encoding
X-HW
1606538039.dop121.fr8.t,1606538039.cds272.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32788
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.1.1/ | 82 KB | 29 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:821::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software
sffe
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 08:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160247
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 08:03:12 GMT
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.1.3/ | 82 KB | 29 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:821::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software
sffe
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 22:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
539732
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Nov 2021 22:38:27 GMT
popup.js | giveaway-baim.ga/js/ | 398 B | 520 B | Script
General
Full URL
http://giveaway-baim.ga/js/popup.js
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
acd093ba6d95d3a1285a4e37f18b268ed44b606e2fc541db54de039124a78808

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jul 2020 18:37:52 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
168
Expires
Sat, 05 Dec 2020 04:33:59 GMT
tab.js | giveaway-baim.ga/js/ | 592 B | 638 B | Script
General
Full URL
http://giveaway-baim.ga/js/tab.js
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/
Protocol
HTTP/1.1
Server
62.77.156.111, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT)
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed
Resource Hash
3fe99a1415a520211788190dd95ad5ae26fc6cf45254de253be609e12778a500

Request headers

Referer
http://giveaway-baim.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:33:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Nov 2020 12:09:56 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
286
Expires
Sat, 05 Dec 2020 04:33:59 GMT
css2 | fonts.googleapis.com/ | 1 KB | 529 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Teko&display=swap
Requested by
Host: giveaway-baim.ga
URL: http://giveaway-baim.ga/css/style.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:820::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software
ESF
Resource Hash
09c10d2b40651f07a90da9c0a2be67f35d680f48bbf498d27a43c5861a4947ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://giveaway-baim.ga/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 28 Nov 2020 03:55:58 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sat, 28 Nov 2020 04:33:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 28 Nov 2020 04:33:59 GMT
LYjNdG7kmE0gfaN9pQlCpVo.woff2 | fonts.gstatic.com/s/teko/v10/ | 7 KB | 7 KB | Font
General
Full URL
https://fonts.gstatic.com/s/teko/v10/LYjNdG7kmE0gfaN9pQlCpVo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:815::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Software
sffe
Resource Hash
d2c56dafacf424a7fdd905d4925b2bf3e3d40f55031a77cbc59c213855b0c4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://giveaway-baim.ga
Referer
https://fonts.googleapis.com/css2?family=Teko&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:20:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:21:42 GMT
server
sffe
age
148389
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6904
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:20:50 GMT
fontawesome-webfont.woff2 | stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ | 75 KB | 75 KB | Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b, Netherlands, ASN20446 (HIGHWINDS3, US)
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://giveaway-baim.ga
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network), Generic Gaming (Entertainment)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
function | open_login
function | open_facebook
function | open_twitter
function | close_login
function | close_facebook
function | close_twitter
function | openHero

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn1-production-images-kly.akamaized.net
cdnjs.cloudflare.com
code.jquery.com
ecs7.tokopedia.net
fonts.googleapis.com
fonts.gstatic.com
giveaway-baim.ga
p.ipricegroup.com
stackpath.bootstrapcdn.com
static.bmdstatic.com
store.storeimages.cdn-apple.com
www.static-src.com
104.111.252.192
13.224.93.119
2.16.177.66
2.16.186.73
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:3b
2606:4700:20::681a:a4a
2606:4700::6810:125e
2606:4700::6812:999
2a00:1450:4001:815::2003
2a00:1450:4001:820::200a
2a00:1450:4001:821::200a
62.77.156.111