urlscan.io logo urlscan.io
SecurityTrails logo

ru.giveawayoftheday.com Open in urlscan Pro
204.155.149.200  Public Scan

Go To Rescan Add Verdict Report
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Submission Tags: falconsandbox
Submission: On January 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 46 HTTP transactions. The main IP is 204.155.149.200, located in United States and belongs to WZCOM-, US. The main domain is ru.giveawayoftheday.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 6th 2019. Valid for: 2 years.
This is the only time ru.giveawayoftheday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    204.155.149.200 (United States)

ASN40824 (WZCOM-, US)
PTR: giveawayoftheday.com
ru.giveawayoftheday.com
giveawayoftheday.com
www.giveawayoftheday.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
14 ru.giveawayoftheday.com ru.giveawayoftheday.com
8 fonts.gstatic.com fonts.googleapis.com
4 pagead2.googlesyndication.com ru.giveawayoftheday.com
pagead2.googlesyndication.com
4 fonts.googleapis.com ru.giveawayoftheday.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 giveawayoftheday.com ru.giveawayoftheday.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 ssl.google-analytics.com 1 redirects ru.giveawayoftheday.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net ru.giveawayoftheday.com
1 www.giveawayoftheday.com ru.giveawayoftheday.com
1 ajax.googleapis.com ru.giveawayoftheday.com
46 15
Subject Issuer Validity Valid
*.giveawayoftheday.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-06 -
2021-03-15		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Frame ID: 75DD0D7E3E4A4904A3E57167834AFA8D
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Frame ID: 940452700AF0B04FB0085890BA72E951
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5954465348452390&output=html&h=280&slotname=6773926260&adk=2957876891&adf=923049590&pi=t.ma~as.6773926260&w=434&fwrn=4&fwrnh=100&lmt=1610960369&rafmt=1&psa=0&format=434x280&url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1610960369721&bpp=15&bdt=742&idt=73&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3804816376336&frm=20&pv=2&ga_vid=126189178.1610960370&ga_sid=1610960370&ga_hid=713810595&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769&oid=3&pvsid=78112514877918&pem=1&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZqsGlRicyr&p=https%3A//ru.giveawayoftheday.com&dtd=92
Frame ID: CA4E7FD1756B90B20BB9013293712EB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5954465348452390&output=html&adk=1812271804&adf=3025194257&lmt=1610960369&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&ea=0&flash=0&pra=7&wgl=1&dt=1610960369737&bpp=2&bdt=757&idt=86&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=434x280&nras=1&correlator=3804816376336&frm=20&pv=1&ga_vid=126189178.1610960370&ga_sid=1610960370&ga_hid=713810595&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769&oid=3&pvsid=78112514877918&pem=1&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Frame ID: 2275F7BB84CFC3294BE564D8ADB815D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 801A0D949547F5FC6DAE107C8A4AF740
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

46
Requests

100 %
HTTPS

82 %
IPv6

10
Domains

15
Subdomains

11
IPs

3
Countries

600 kB
Transfer

1316 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=287544227&utmhn=ru.giveawayoftheday.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Giveaway%20of%20the%20Day%20in%20Russian&utmhid=713810595&utmr=-&utmp=%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&utmpg=1:uwe_group&utmht=1610960369767&utmac=UA-774959-1&utmcc=__utma%3D221307719.1450709979.1610960370.1610960370.1610960370.1%3B%2B__utmz%3D221307719.1610960370.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1780693044&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAABAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-774959-1&cid=1450709979.1610960370&jid=1780693044&_v=5.7.2&z=287544227

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
ru.giveawayoftheday.com/download/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
edcd411fc358d52133ef05d94555ad2c7d062d91069346c6b77bb2a335191d9d

Request headers

Host
ru.giveawayoftheday.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Date
Mon, 18 Jan 2021 08:59:28 GMT
Set-Cookie
gotd_auth=NDQ3NzAxNHxmMjRlY2Y2NGEzNDAxNDk0MjJkYWQ4OTIwZGQ3OWIxYg%3D%3D; expires=Fri, 19-Mar-2021 08:59:28 GMT; path=/; domain=.giveawayoftheday.com; httponly app6004=5f6ee2313f1899691deffbc063309d46; expires=Tue, 19-Jan-2021 08:59:28 GMT; path=/; domain=.giveawayoftheday.com; httponly
Content-Encoding
gzip
modal.css
ru.giveawayoftheday.com/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/css/modal.css?v=1550654504
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
d91972d34c79b230d02404c64fa91ce47e5cb7513f5f2591e1f36b0600503cc2

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 09:21:44 GMT
Server
nginx
ETag
W/"5c6d1c28-451c"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
css
fonts.googleapis.com/ 		4 KB
703 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300&subset=latin
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3040a194620adf59cd9c9f411ae402942591d2bc76cd6a6da6316241db8abf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Jan 2021 08:59:28 GMT
server
ESF
date
Mon, 18 Jan 2021 08:59:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Jan 2021 08:59:28 GMT
css
fonts.googleapis.com/ 		10 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e83fb7083a0c946ffa4f515441dd7b08ffca158630b80a5ac3200c306d919a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Jan 2021 08:59:28 GMT
server
ESF
date
Mon, 18 Jan 2021 08:59:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Jan 2021 08:59:28 GMT
main.css
ru.giveawayoftheday.com/css/ 		66 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
f19d233bfb7b598621a62a3e205278d6da6eca4c1696fb1762b615162b70a602

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Mar 2019 14:22:30 GMT
Server
nginx
ETag
W/"5c9cd8a6-1078d"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
index.css
ru.giveawayoftheday.com/css/ 		92 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/css/index.css?v=1567176864
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
f3dee7fd3fa9de71c2e98b56b04808ef5bf6191c14f0a0404565f3aa05712349

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Aug 2019 14:54:24 GMT
Server
nginx
ETag
W/"5d6938a0-16e84"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
download.css
ru.giveawayoftheday.com/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/css/download.css?v=1550654504
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
27cb28d5ec244b66b7f50c3909ac0bcb029cf88806118a843a56d566ce121fcc

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 09:21:44 GMT
Server
nginx
ETag
W/"5c6d1c28-2095"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 21:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40528
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32984
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jan 2022 21:44:01 GMT
plugins.js
ru.giveawayoftheday.com/js/ 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/js/plugins.js?v=1550654505
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
12790e4784f088a14537bdc08b02714b7f522ea3823fcb439b7ac96bf7a36642

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 09:21:45 GMT
Server
nginx
ETag
W/"5c6d1c29-ef34"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
script.js
ru.giveawayoftheday.com/js/ 		114 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/js/script.js?v=1559636066
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
392054a3a9ef140749f88ce8fb5cf5a4b15c4473b44afa68b60deece27c71ddd

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jun 2019 08:14:26 GMT
Server
nginx
ETag
W/"5cf62862-1c753"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
widget.php
ru.giveawayoftheday.com/ 		438 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.giveawayoftheday.com/widget.php?url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
6812f21fb19d6debf9ac51fc76bfad199c5becff01787cbd48ec378ed251b6da

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
6b4b10482be66fcad3fe93cc28206527.jpeg
giveawayoftheday.com/wp-content/uploads/2020/09/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giveawayoftheday.com/wp-content/uploads/2020/09/6b4b10482be66fcad3fe93cc28206527.jpeg
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
4cb9120741aa78bceb03f95dec07d0e04587ba4d1360aea584783fed1238ed84

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Last-Modified
Mon, 14 Sep 2020 11:18:11 GMT
Server
nginx
ETag
"5f5f5173-d65"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3429
Expires
Mon, 01 Feb 2021 08:59:29 GMT
63434a8bb191c9b258a68e51eea8609b.png
giveawayoftheday.com/wp-content/uploads/2021/01/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giveawayoftheday.com/wp-content/uploads/2021/01/63434a8bb191c9b258a68e51eea8609b.png
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
c462f6fbecc90532090d2a906591e81d01db4166474fe0a8434f966ebb263db0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Last-Modified
Fri, 15 Jan 2021 09:45:47 GMT
Server
nginx
ETag
"6001644b-6c2e"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27694
Expires
Mon, 01 Feb 2021 08:59:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 08:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47568
x-xss-protection
0
server
cafe
etag
3101847616964972039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Jan 2021 08:59:29 GMT
d8b797cf06cf06390f4269d45246f1e3.jpeg
giveawayoftheday.com/wp-content/uploads/2021/01/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giveawayoftheday.com/wp-content/uploads/2021/01/d8b797cf06cf06390f4269d45246f1e3.jpeg
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
e47312975aaddfb66e4f9ed1af6e039da4582fe2ad8f8bd3bcc26150ceb72af7

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:30 GMT
Last-Modified
Sun, 17 Jan 2021 16:13:37 GMT
Server
nginx
ETag
"60046231-7b0a"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31498
Expires
Mon, 01 Feb 2021 08:59:30 GMT
css
fonts.googleapis.com/ 		4 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300&subset=latin,greek,cyrillic,vietnamese
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9137442d3427db4384cf813f4f56cb2ac8a51ba5472c501f6cf01a09c5973ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Jan 2021 08:59:29 GMT
server
ESF
date
Mon, 18 Jan 2021 08:59:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Jan 2021 08:59:29 GMT
css
fonts.googleapis.com/ 		6 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700&subset=latin,greek,cyrillic
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1abd1afaff1aa9eef863840ffa8fa733c21a8cab8d2eaa4c1443c9cf4da1834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Jan 2021 08:59:29 GMT
server
ESF
date
Mon, 18 Jan 2021 08:59:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Jan 2021 08:59:29 GMT
nav_sprite.svg
ru.giveawayoftheday.com/images/svg/ 		28 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.giveawayoftheday.com/images/svg/nav_sprite.svg
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
e40b776f08e5c582099bf06ab30e6dcac98c18f9d4ef82a345710e7fb751f422

Request headers

Referer
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 09:21:45 GMT
Server
nginx
ETag
W/"5c6d1c29-71a8"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
flags.png
ru.giveawayoftheday.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.giveawayoftheday.com/images/flags.png
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
0e339d121a83616cca27c621d2d611ac88bb627515d8aac80b8035caf89bbdc0

Request headers

Referer
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Last-Modified
Wed, 20 Feb 2019 09:21:45 GMT
Server
nginx
ETag
"5c6d1c29-53a"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1338
Expires
Mon, 01 Feb 2021 08:59:29 GMT
logo.svg
ru.giveawayoftheday.com/images/svg/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.giveawayoftheday.com/images/svg/logo.svg
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
9e89f7cdbcf4caf0519540798dbe1064734ef641c14ed37549f4d398fdf30ab6

Request headers

Referer
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 09:21:45 GMT
Server
nginx
ETag
W/"5c6d1c29-144a"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
sprite.png
ru.giveawayoftheday.com/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.giveawayoftheday.com/images/sprite.png
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/main.css?v=1553782950
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
3f75e157ffce652948a1e8d902c4eb787ead019cac037f473e36ac8717f7c218

Request headers

Referer
https://ru.giveawayoftheday.com/css/main.css?v=1553782950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Last-Modified
Wed, 20 Feb 2019 09:21:45 GMT
Server
nginx
ETag
"5c6d1c29-e036"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57398
Expires
Mon, 01 Feb 2021 08:59:29 GMT
sprite.svg
ru.giveawayoftheday.com/images/svg/ 		27 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.giveawayoftheday.com/images/svg/sprite.svg
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/css/download.css?v=1550654504
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
44970e1d1181c34fce8ef2917fe65ceb556fb120c7ef9a79a86019a7ce25bf7f

Request headers

Referer
https://ru.giveawayoftheday.com/css/download.css?v=1550654504
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 09:21:45 GMT
Server
nginx
ETag
W/"5c6d1c29-6cee"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Mon, 01 Feb 2021 08:59:29 GMT
KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 13:20:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:34 GMT
server
sffe
age
329968
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Fri, 14 Jan 2022 13:20:01 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 08:58:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
172840
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Sun, 16 Jan 2022 08:58:49 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:12:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
319644
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Fri, 14 Jan 2022 16:12:05 GMT
BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0c3b5c5a386f4a1b168734be9f5f2d3c73b90aae1f797d88e90f8209018c156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 18:11:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:31:44 GMT
server
sffe
age
398869
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20876
x-xss-protection
0
expires
Thu, 13 Jan 2022 18:11:40 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 05:54:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:33:54 GMT
server
sffe
age
270280
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30940
x-xss-protection
0
expires
Sat, 15 Jan 2022 05:54:49 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 22:21:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
556689
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 11 Jan 2022 22:21:20 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 06:19:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
441583
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Thu, 13 Jan 2022 06:19:46 GMT
/
ru.giveawayoftheday.com/download/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:29 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2457
date
Mon, 18 Jan 2021 08:18:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 18 Jan 2021 10:18:32 GMT
log.php
www.giveawayoftheday.com/ 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.giveawayoftheday.com/log.php?id=6,4558,7241,7244&r=42545
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.149.200 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
giveawayoftheday.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 08:59:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ru.giveawayoftheday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,300italic&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:17:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
319336
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 14 Jan 2022 16:17:13 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/ 		226 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 08:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86268
x-xss-protection
0
server
cafe
etag
7753973667244452840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jan 2021 08:59:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/ Frame 9404 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Jan 2021 11:17:30 GMT
expires
Sun, 31 Jan 2021 11:17:30 GMT
content-type
text/html; charset=UTF-8
etag
12197657918578843409
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
78119
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=287544227&utmhn=ru.giveawayoftheday.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-774959-1&cid=1450709979.1610960370&jid=1780693044&_v=5.7.2&z=287544227
35 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-774959-1&cid=1450709979.1610960370&jid=1780693044&_v=5.7.2&z=287544227
Requested by
Host: ru.giveawayoftheday.com
URL: https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Jan 2021 08:59:29 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Jan 2021 08:59:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-774959-1&cid=1450709979.1610960370&jid=1780693044&_v=5.7.2&z=287544227
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ru.giveawayoftheday.com&callback=_gfp_s_&client=ca-pub-5954465348452390
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f2c0b34e599ad24c816438549475452abd28a7459c5ff3f8f4478049971a7fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 08:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ru.giveawayoftheday.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Jan 2021 08:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ru.giveawayoftheday.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Jan 2021 08:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CA4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5954465348452390&output=html&h=280&slotname=6773926260&adk=2957876891&adf=923049590&pi=t.ma~as.6773926260&w=434&fwrn=4&fwrnh=100&lmt=1610960369&rafmt=1&psa=0&format=434x280&url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1610960369721&bpp=15&bdt=742&idt=73&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3804816376336&frm=20&pv=2&ga_vid=126189178.1610960370&ga_sid=1610960370&ga_hid=713810595&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769&oid=3&pvsid=78112514877918&pem=1&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZqsGlRicyr&p=https%3A//ru.giveawayoftheday.com&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5954465348452390&output=html&h=280&slotname=6773926260&adk=2957876891&adf=923049590&pi=t.ma~as.6773926260&w=434&fwrn=4&fwrnh=100&lmt=1610960369&rafmt=1&psa=0&format=434x280&url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1610960369721&bpp=15&bdt=742&idt=73&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3804816376336&frm=20&pv=2&ga_vid=126189178.1610960370&ga_sid=1610960370&ga_hid=713810595&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769&oid=3&pvsid=78112514877918&pem=1&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZqsGlRicyr&p=https%3A//ru.giveawayoftheday.com&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 18 Jan 2021 08:59:30 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Jan-2021 09:14:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 18 Jan 2021 08:59:30 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 08:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1610714114181599"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28294
x-xss-protection
0
expires
Mon, 18 Jan 2021 08:59:29 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2275 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5954465348452390&output=html&adk=1812271804&adf=3025194257&lmt=1610960369&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&ea=0&flash=0&pra=7&wgl=1&dt=1610960369737&bpp=2&bdt=757&idt=86&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=434x280&nras=1&correlator=3804816376336&frm=20&pv=1&ga_vid=126189178.1610960370&ga_sid=1610960370&ga_hid=713810595&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769&oid=3&pvsid=78112514877918&pem=1&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5954465348452390&output=html&adk=1812271804&adf=3025194257&lmt=1610960369&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fru.giveawayoftheday.com%2Fdownload%2F%3Fc%3Dd2b65f4baa2da20c1c6c96d5a73f72a0&ea=0&flash=0&pra=7&wgl=1&dt=1610960369737&bpp=2&bdt=757&idt=86&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=434x280&nras=1&correlator=3804816376336&frm=20&pv=1&ga_vid=126189178.1610960370&ga_sid=1610960370&ga_hid=713810595&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769&oid=3&pvsid=78112514877918&pem=1&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 18 Jan 2021 08:59:29 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Jan-2021 09:14:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 18 Jan 2021 08:59:29 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f9b1e9c522f852d24d9a8cf13a7077928866bc0b17c263faa012329c8bb077b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Jan 2021 08:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6851
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 08:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Mon, 18 Jan 2021 08:59:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 801A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Mon, 18 Jan 2021 08:13:57 GMT
expires
Tue, 18 Jan 2022 08:13:57 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2733
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210112&jk=78112514877918&bg=!6uml6arNAAWtJAQVrTsAKQB2-DxajrNzPiTYWuqEdTdOggIJiV1p2C9rgp-Kkwc87968CDEyx8ecAgAAAFJSAAAADGgBBwoBA1tJGDtNq0Q-EfV-zvybZb5JEhKls_XoPBiTPmmvxhgtn3r-cDVoHOsfA8prOolHdWTz4m2cghwSJGyX78K9BXPGa9jCncrptbC44ppUhRk4t4Sl3FWh_Znsk38nHYnow3cVNEaPKsvTuhD7QoXGy620WrNwj5S2C8zRrlPc8W9vOAKelDNv5ZxuAVLCLTWIwErXIx5ufFFvkUMIsHliyCZTYO-A7pnnQ5ah-B2cNDkuDOYNRSRJMKaUMARoKfhsOIhE0SpfTe5QLrmM1pbwsnNluP7tqvOvgPKqpvubYFdqtfOeFMchmFG0ARDkP1qp5VeO0_PKBX4inCOz7aliNyXaXACZAdOKA75Cf5E8Ajag_4SR3yW_9NXRgsLyvVJT8CblO92zuXGPbFXk_9zfSo11we2dgwlVIWRGJIcufctiKUCmMy6-0tpjQUgFPu8qnH-osoH3w14WT2vAM7m24XryYDH9Ub_25aJwBC1KdBBGpyfp7bYEhvcvMavg70gY87Y085hpbe-OuXjvCt6OcGqL3tmDCgUn8IYK7_RhbuVzb_Ou5BUWo3wXTEl7cQjj04VofIpsJMtP1Ti33fxghTdLFULNoyNnFbnm2o2b6Nv8nuRCxAGwIoNz9PMmLUGMJTiTKIKmcb-r1A_INQde7NQAultEnRWWtzpT17mJCh0TT32s-EtF5QaC52GZLUBuIbZV88cP5cWjqVI03eg8LuBMmMBExhbsdfgcDvApA2dhbckvJDgLQgribrx7PxPp4BWVvvgpPRgsoUF4xCfYSOhINVjeVcAB-WzjgQToU8owiYP5iZ0mebAe_vIc2H5nAPSd6GVhrVevJ6BXE3Xw6dqSTpPst4D92lOWS6Vj5PM-XyrEMJOaGs50wGYI55GNIHeiHTTmtJCQfq3jGHuiAyBIzHuT3hD-wppQ-cXrD90kHnOkahpiNrMNTdl29k9ybtS34RQ1qEiAQw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.giveawayoftheday.com/download/?c=d2b65f4baa2da20c1c6c96d5a73f72a0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 08:59:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| nativeSplit boolean| compliantExecNpcg boolean| blockAdBlock object| Modernizr object| jQuery110105613904796029994 function| JQClass function| Picker function| BlockAdBlock function| getCookie function| setCookie function| deleteCookie function| logging function| isChrome function| isChromePushSupport function| detectPrivateMode function| detectNotificationSupported function| getScripts object| common_actions object| post_actions object| comments_actions object| language_support object| downloadShareForm object| gaotd_countdown object| subscribe_action object| subscribe_popup_form object| help_translate_popup_form object| share_iphone_popup object| check_user_lang object| chrome_push_notifications_banner object| firefox_push_notifications_banner object| achecker function| preventDefault function| preventDefaultForScrollKeys function| disableScroll function| enableScroll object| away_bnr object| common_actions_settings object| text_counters function| makeFixedCloseOnload function| getTopCloseOnload string| htmlWidget object| adsbygoogle object| _gaq object| widgetBlock object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _gat object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.giveawayoftheday.com/ Name: __gads
Value: ID=ce138cc0f8238b7b-22ee73f994b900fc:T=1610960369:RT=1610960369:S=ALNI_Ma3gHpcBAloMjjbQ63xL2gaUIUG_A
.giveawayoftheday.com/ Name: __utmb
Value: 221307719.1.10.1610960370
.giveawayoftheday.com/ Name: __utmz
Value: 221307719.1610960370.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.giveawayoftheday.com/ Name: __utmc
Value: 221307719
.giveawayoftheday.com/ Name: gotd_auth
Value: NDQ3NzAxNHxmMjRlY2Y2NGEzNDAxNDk0MjJkYWQ4OTIwZGQ3OWIxYg%3D%3D
.giveawayoftheday.com/ Name: __utma
Value: 221307719.1450709979.1610960370.1610960370.1610960370.1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.giveawayoftheday.com/ Name: __utmt
Value: 1
.giveawayoftheday.com/ Name: app6004
Value: 5f6ee2313f1899691deffbc063309d46

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
giveawayoftheday.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
ru.giveawayoftheday.com
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.giveawayoftheday.com
www.googletagservices.com
204.155.149.200
216.58.210.2
2a00:1450:4001:802::200a
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:818::200a
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2001
2a00:1450:400c:c00::9a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e339d121a83616cca27c621d2d611ac88bb627515d8aac80b8035caf89bbdc0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12790e4784f088a14537bdc08b02714b7f522ea3823fcb439b7ac96bf7a36642
27cb28d5ec244b66b7f50c3909ac0bcb029cf88806118a843a56d566ce121fcc
3040a194620adf59cd9c9f411ae402942591d2bc76cd6a6da6316241db8abf88
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
392054a3a9ef140749f88ce8fb5cf5a4b15c4473b44afa68b60deece27c71ddd
3f75e157ffce652948a1e8d902c4eb787ead019cac037f473e36ac8717f7c218
44970e1d1181c34fce8ef2917fe65ceb556fb120c7ef9a79a86019a7ce25bf7f
4cb9120741aa78bceb03f95dec07d0e04587ba4d1360aea584783fed1238ed84
4f9b1e9c522f852d24d9a8cf13a7077928866bc0b17c263faa012329c8bb077b
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6812f21fb19d6debf9ac51fc76bfad199c5becff01787cbd48ec378ed251b6da
6e83fb7083a0c946ffa4f515441dd7b08ffca158630b80a5ac3200c306d919a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
9137442d3427db4384cf813f4f56cb2ac8a51ba5472c501f6cf01a09c5973ff9
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9e89f7cdbcf4caf0519540798dbe1064734ef641c14ed37549f4d398fdf30ab6
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1abd1afaff1aa9eef863840ffa8fa733c21a8cab8d2eaa4c1443c9cf4da1834
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c462f6fbecc90532090d2a906591e81d01db4166474fe0a8434f966ebb263db0
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d91972d34c79b230d02404c64fa91ce47e5cb7513f5f2591e1f36b0600503cc2
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b776f08e5c582099bf06ab30e6dcac98c18f9d4ef82a345710e7fb751f422
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
e47312975aaddfb66e4f9ed1af6e039da4582fe2ad8f8bd3bcc26150ceb72af7
edcd411fc358d52133ef05d94555ad2c7d062d91069346c6b77bb2a335191d9d
f0c3b5c5a386f4a1b168734be9f5f2d3c73b90aae1f797d88e90f8209018c156
f19d233bfb7b598621a62a3e205278d6da6eca4c1696fb1762b615162b70a602
f2c0b34e599ad24c816438549475452abd28a7459c5ff3f8f4478049971a7fd2
f3dee7fd3fa9de71c2e98b56b04808ef5bf6191c14f0a0404565f3aa05712349