giveaway.eventnerdz.com Open in urlscan Pro
35.167.136.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://giveaway.eventnerdz.com/lp/137270/lp137270
Submission: On January 15 via api (January 15th 2024, 8:10:05 pm UTC) from US — Scanned from DE

Summary HTTP 143 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 35 domains to perform 143 HTTP transactions. The main IP is 35.167.136.136, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is giveaway.eventnerdz.com.
TLS certificate: Issued by R3 on December 31st 2023. Valid for: 3 months.

This is the only time giveaway.eventnerdz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	35.167.136.136 35.167.136.136	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e2:... 2606:4700:e2::ac40:8c0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700:20:... 2606:4700:20::681a:ff6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	52.217.85.140 52.217.85.140	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4 15	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:89a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6b8::346 2a02:6b8::346	13238 (YANDEX) (YANDEX)
7	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3 8	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	3.124.81.102 3.124.81.102	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:eb6f:23c5:ac95:b36f	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
143	39

2 35.167.136.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-136-136.us-west-2.compute.amazonaws.com

giveaway.eventnerdz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ff6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.upviral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.85.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

upviral.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:89a::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::346 (Russian Federation)

ASN13238 (YANDEX, RU)

adfstat.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.81.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:eb6f:23c5:ac95:b36f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	379 KB
24	upviral.com static.upviral.com — Cisco Umbrella Rank: 828220	1 MB
20	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	71 KB
12	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	5 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	173 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6518	885 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	401 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2947 tr.outbrain.com — Cisco Umbrella Rank: 2812 wave.outbrain.com — Cisco Umbrella Rank: 2909	9 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982 adfstat.yandex.ru — Cisco Umbrella Rank: 28578	74 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	169 KB
4	amazonaws.com upviral.s3.amazonaws.com — Cisco Umbrella Rank: 947360	1 MB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	257 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1230 analytics.twitter.com — Cisco Umbrella Rank: 789	778 B
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	26 KB
2	eventnerdz.com giveaway.eventnerdz.com	14 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	716 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	544 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 13028	60 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	t.co t.co — Cisco Umbrella Rank: 656	379 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
143	35

	Domain	Requested by
24	static.upviral.com	giveaway.eventnerdz.com static.upviral.com
18	pagead2.googlesyndication.com	giveaway.eventnerdz.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	mc.yandex.com	3 redirects mc.yandex.ru giveaway.eventnerdz.com
9	s0.2mdn.net	giveaway.eventnerdz.com googleads.g.doubleclick.net s0.2mdn.net
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com pagead2.googlesyndication.com giveaway.eventnerdz.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com giveaway.eventnerdz.com tpc.googlesyndication.com
5	www.google.com	1 redirects giveaway.eventnerdz.com tpc.googlesyndication.com
5	www.google.de	giveaway.eventnerdz.com
5	www.googletagmanager.com	giveaway.eventnerdz.com www.googletagmanager.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	connect.facebook.net	giveaway.eventnerdz.com connect.facebook.net
4	upviral.s3.amazonaws.com	giveaway.eventnerdz.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.facebook.com	giveaway.eventnerdz.com
3	ct.pinterest.com	s.pinimg.com giveaway.eventnerdz.com
3	mc.yandex.ru	1 redirects giveaway.eventnerdz.com
2	googleads4.g.doubleclick.net	giveaway.eventnerdz.com
2	c1.adform.net	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	tr.outbrain.com	amplify.outbrain.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	giveaway.eventnerdz.com static.upviral.com
2	use.fontawesome.com	giveaway.eventnerdz.com static.upviral.com
2	giveaway.eventnerdz.com	static.upviral.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagservices.com	giveaway.eventnerdz.com
1	m.exactag.com	giveaway.eventnerdz.com
1	adfstat.yandex.ru	giveaway.eventnerdz.com
1	region1.analytics.google.com	www.googletagmanager.com
1	wave.outbrain.com	amplify.outbrain.com
1	www.googleadservices.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	analytics.twitter.com	giveaway.eventnerdz.com
1	t.co	giveaway.eventnerdz.com
1	static.ads-twitter.com	giveaway.eventnerdz.com
1	platform.twitter.com	1 redirects
143	45

This site contains no links.

Subject Issuer	Validity	Valid
giveaway.eventnerdz.com R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-25` - `2024-01-23`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
adfstat.yandex.ru GlobalSign RSA OV SSL CA 2018	`2023-08-03` - `2024-01-31`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://giveaway.eventnerdz.com/lp/137270/lp137270
Frame ID: C486D0E9E605E6ADAF7136F09C84628D
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 35D4719F2DD70B74AB6D2745BD29C3E3
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A5C30C13661CF578DF1CEF71030DB28F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450057024913681&output=html&adk=1812271804&adf=3025194257&lmt=1705349399&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705349399210&bpp=2&bdt=262&idt=180&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3560537248185&frm=20&pv=2&ga_vid=1872568115.1705349399&ga_sid=1705349399&ga_hid=1787431023&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080265%2C31080411%2C44798934%2C95320890%2C95321627%2C95321966%2C95322162&oid=2&pvsid=1681793005976022&tmod=723046081&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: 85756B23A8CE59EF1DAFC4EA8AAD6A8B
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 9FF205D0C56EE53E1ADD7558D5B15581
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 85581201ED57619C05A9E69E7C00F9A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1800A9331C85C933FD56C3854C41525E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGM_e8YMCMAE&v=APEucNUhFjdfvNAnxzE-27RH_BTjSLXYO6lbIhRXLs7GT18ODoPYQabbnSoW9NN8cfYGJHENWUjQLRyDBKv7XSD1gPy0z5DmEIT_orVQOFvyXFvpOJXplIM6uuxt6qfhS73gPK6msTIkElzn-iUK4_9bPgt-3buEDKfuN0K-oLfnXGDFYza-b0w
Frame ID: D983456EBD40B3592095AA0F31102C22
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1A3B2690E50701C8ABF0A02C79A8379D
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4A72B00745A4C4440D2070FB64F46B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 142EA80F6B83ECD8167B527BBAB7434B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9ABED14FC4CF7569E1CD9DA34CDD992
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8AC4F8BC4CCE11F5230F2D030582D9B9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
Frame ID: A37D114B9194E984C7A67864C563FC03
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Disney Park Pass Giveaway

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

92 %
HTTPS

57 %
IPv6

35
Domains

45
Subdomains

39
IPs

7
Countries

3739 kB
Transfer

7765 kB
Size

52
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 75

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&label=VDdeCK2Uq_QBEOH8ltEB&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&gtm_ee=1&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=F5GlZZ36FOXHxdwP7uWH2A4&sscte=1&crd=&pscrd=EkxDaEVJZ015VHJRWVE2SnU4M3NxVDVmZVVBUklrQU51aWo1VHQ2NE5zcTVlOUFDNEtEcEZMZmJwTFBnaVJtd1gzcU1VamJuazZKUUhDGlZDaEFJZ015VHJRWVE1dFgtazZ2YjJNa3NFaXdBM2FYdC1JQ0RxNmFRYjRveWhpdGhGMkUzUGMtUXI0bk4yTXljZWV4ejJvMkpkNjRHLXp1RU5LYVZVQSITCN3hqcmZ4IMDFeVjkQUd7vIB6w HTTP 302
https://www.google.com/pagead/1p-conversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&label=VDdeCK2Uq_QBEOH8ltEB&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&gtm_ee=1&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEVJZ015VHJRWVE2SnU4M3NxVDVmZVVBUklrQU51aWo1VHQ2NE5zcTVlOUFDNEtEcEZMZmJwTFBnaVJtd1gzcU1VamJuazZKUUhDGlZDaEFJZ015VHJRWVE1dFgtazZ2YjJNa3NFaXdBM2FYdC1JQ0RxNmFRYjRveWhpdGhGMkUzUGMtUXI0bk4yTXljZWV4ejJvMkpkNjRHLXp1RU5LYVZVQSITCN3hqcmZ4IMDFeVjkQUd7vIB6w&is_vtc=1&ocp_id=F5GlZZ36FOXHxdwP7uWH2A4&cid=CAQSKQAvHhf_JYbH9-udi0zoaZjyiQYi-N2gF792cDDZGy20xQCLnjKY3rCb&random=3553236836 HTTP 302
https://www.google.de/pagead/1p-conversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&label=VDdeCK2Uq_QBEOH8ltEB&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&gtm_ee=1&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEVJZ015VHJRWVE2SnU4M3NxVDVmZVVBUklrQU51aWo1VHQ2NE5zcTVlOUFDNEtEcEZMZmJwTFBnaVJtd1gzcU1VamJuazZKUUhDGlZDaEFJZ015VHJRWVE1dFgtazZ2YjJNa3NFaXdBM2FYdC1JQ0RxNmFRYjRveWhpdGhGMkUzUGMtUXI0bk4yTXljZWV4ejJvMkpkNjRHLXp1RU5LYVZVQSITCN3hqcmZ4IMDFeVjkQUd7vIB6w&is_vtc=1&ocp_id=F5GlZZ36FOXHxdwP7uWH2A4&cid=CAQSKQAvHhf_JYbH9-udi0zoaZjyiQYi-N2gF792cDDZGy20xQCLnjKY3rCb&random=3553236836&ipr=y

Request Chain 76

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10249.fckKT9jfT75z6C2gmfUsxC32f_saYmWORcVgi7iy3sttkhxeXpCrSlBg1EBb_bhO.usEY-eJMXNFGMPyEBMp4KSP45iw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10249.wyOteIXuTL46jAfeb0j8m5JhhkW6uQ9lUeW4qYpbSNxlpnoLoKVHMM24hjZSFgWtw6qI4_OCi_MYhsvCI_xLcHP27vdkdSJMs2_PAjpf1FVMTVQwW4TLoxKZAmRYGcHQnII5gf99YQ0dJC530lRsUt69yJ-kln1RlNQOdQ2UYN86y1VbcFqhYQ5AUT3hg6T_aj_gkzIORKONhp6_Qm9F9GoAVByHc5fGYc9yqdJio74%2C.E62jSAZ2Y3hKczCd00gmcKigSdQ%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.-_KupgCdtWi3dSFtvHJ5DRxX9lQo6g0u0pLuohZGl-36VwQx6LHfnRI0z6NuNCUROz3QqJv_9NbVMCMk7lFxAQRqxxPiaRhjMp4FByPQP3Hk2mnsTSTNAGfE_rnjAXfmWDioPC2v7X0WJ7-vCb0j3BDqX5nwTKdwi1QhXnKmG0-tre373HkbBUuXQeZ7KYp8XXdVWnMJY_6iu5tisn6FUg%2C%2C.IaUWo6v2sLxfxfAv_lQrEPBuIYc%2C

Request Chain 78

https://mc.yandex.com/watch/75341065?wmode=7&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A687951623100%3Ahid%3A291636425%3Az%3A60%3Ai%3A20240115210959%3Aet%3A1705349399%3Ac%3A1%3Arn%3A106853422%3Arqn%3A1%3Au%3A1705349399148030472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C362%2C1002%2C1%2C%2C0%2C%2C141%2C15%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1705349397558%3Agi%3AR0ExLjEuMTg3MjU2ODExNS4xNzA1MzQ5Mzk5%3Afp%3A1538%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705349400%3At%3ADisney%20Park%20Pass%20Giveaway&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)rcm(1)ecs(0)pe(1)cs(kcad)efid(1)ti(1) HTTP 302
https://mc.yandex.com/watch/75341065/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A687951623100%3Ahid%3A291636425%3Az%3A60%3Ai%3A20240115210959%3Aet%3A1705349399%3Ac%3A1%3Arn%3A106853422%3Arqn%3A1%3Au%3A1705349399148030472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C362%2C1002%2C1%2C%2C0%2C%2C141%2C15%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1705349397558%3Agi%3AR0ExLjEuMTg3MjU2ODExNS4xNzA1MzQ5Mzk5%3Afp%3A1538%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705349400%3At%3ADisney%20Park%20Pass%20Giveaway&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29pe%281%29cs%28kcad%29efid%281%29ti%281%29

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWRGDIPXz4Vk0JbFEkE3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPlGbloIMu1DcnqnUHyuVMA&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzgwODE1MTE5NTY5MjM0Nw%3D%3D

Request Chain 116

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFQ4pMezQ-W998wP9Y2fBPY&google_cver=1&google_push=AXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQ4pMezQ-W998wP9Y2fBPY&google_cver=1&google_push=AXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJcRFxGTnCDIrgufGpL-kCU&google_cver=1&google_push=AXcoOmTgvFddab4uzb-5_BmBWIGXra0W5KyM0tcVkP0LwNZdozcZth4Qa2HqR2ojj00Ag9Tmj_kn7655e9zR0L4DnqPF_SiTp4cDnYhh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcRFxGTnCDIrgufGpL-kCU&google_push=AXcoOmTgvFddab4uzb-5_BmBWIGXra0W5KyM0tcVkP0LwNZdozcZth4Qa2HqR2ojj00Ag9Tmj_kn7655e9zR0L4DnqPF_SiTp4cDnYhh

Request Chain 120

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKufD_whsDXJn9Ujq2YWQyA&google_cver=1&google_push=AXcoOmTIyVHaY2kyqXccMVnpw86DroLEvf5Bcov3wK-bATg9RzqIDfcFW0v4BRwtCEeE6XZIm-hX1Q-hxHfEED7DcefLAwjUnJoTfYOO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTIyVHaY2kyqXccMVnpw86DroLEvf5Bcov3wK-bATg9RzqIDfcFW0v4BRwtCEeE6XZIm-hX1Q-hxHfEED7DcefLAwjUnJoTfYOO&google_hm=eS1veDNsbkNkRTJwR250aXdraUpiVURvckxOZTFNR05VeX5B

Request Chain 121

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECYt7o9TuNLoUmAH8xpO29E&google_cver=1&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABykLCcKdlUuE8Gb858HVgpFUkYv5 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECYt7o9TuNLoUmAH8xpO29E&google_cver=1&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABykLCcKdlUuE8Gb858HVgpFUkYv5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE1NTQ5NjgyODAzODQ0Njk3Mg&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABykLCcKdlUuE8Gb858HVgpFUkYv5

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lp137270 Show response
giveaway.eventnerdz.com/lp/137270/ 47 KB
14 KB 1387ms
1002ms Document
text/html 35.167.136.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.167.136.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-136-136.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 22c5ca16633922b0e6f6a28992eaf9d40299914bc5d671d3260bce4e5051e4a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443";ma=900;
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 13799
content-type: text/html; charset=UTF-8
date: Mon, 15 Jan 2024 20:09:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 all.css
use.fontawesome.com/releases/v5.13.1/css/ 58 KB
13 KB 94ms
51ms Stylesheet
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.1/css/all.css
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1268869
etag: W/"870dbf9e3d22ee9d7cd21acc620e107b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqEJg3q%2BlAvAjb%2Ba%2B5uKVNww7fxEFd%2BBkJK7i7KTl6LajArHVmn9MC1dIiAOCLWYPjmCHR01kbDlKRvyooN1T1wo0GQf8b34KS0X97vzBvWLM2AzTfKaLyrzNqNewf5o9ex8StX%2FJ9RGnC3M2BUn5FSs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8460c26fbab0f138-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
static.upviral.com/assets/custom_css/css/ 138 KB
22 KB 70ms
37ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/bootstrap.min.css
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4336
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
server: cloudflare
etag: W/"22688-5ac7038a54339-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCRPFsipb5M6tKwQzpZC%2BWeXQ1LKWd6PWN8gIWwj8rh7HZmjrI7DkBxeZiDHIU7rXsDj0Y0OrS4aF%2FbB3eYNoBNPbEO7LbIqe8XicjyX0RrjM1lQfE1Me3CE%2BElqCaQC6RI4gkPbRwH4oaBDos%2FOXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa91365c2-FRA

GET
H2 200 style-templates.css
static.upviral.com/assets/custom_css/css/ 27 KB
6 KB 82ms
50ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-templates.css?v=1.0
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b101a089f7e41dcb9fb895a890ea7b6ce148c2de2a9d64a1550e35fa298de96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 773
cf-polished: origSize=37089
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Oct 2022 07:02:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"90e1-5eb358eea7a95-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OMeJZW4eiqQ117tzs9aW7khDx0FTWSDDjFoEKlJRVUo9c4OTO2u0LddyLz0dYZJxrUigxiSnHnpvGpztN7Tr6s4yPrcmL0IiDtf5SrOcecaLiUOxTFc6QIDmrKuH7%2BBFYiZnx13FlatN4Mc1HHZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa91265c2-FRA

GET
H2 200 plyr.css
static.upviral.com/assets/custom_css/css/ 24 KB
5 KB 62ms
30ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/plyr.css
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1719
cf-polished: origSize=24885
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6135-5ac7038a552d9-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJa0bhTL%2B5JWCJ%2FOcvjlpQd2sGXCTGUfSNwOkACmwRlIUetToRHeTt4gMHDGACIT5dMdxVOT0dN%2FcxKPZ%2BtbDzn5Wo7DFdnaiNRiX6rkaOYXIL%2BxUiSTpyZ%2Bm5%2BBavBT0i38tl%2FeQvwqZjQWgdcwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa90e65c2-FRA

GET
H2 200 style-templates-export.css
static.upviral.com/assets/custom_css/css/ 24 KB
5 KB 68ms
36ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-templates-export.css?v=1.1
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c17d91b63f9d106e85125afcb7cd5144580e1bde142195c86aa03b370df2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6012
cf-polished: origSize=30802
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Oct 2022 07:02:33 GMT
cf-bgj: minify
server: cloudflare
etag: W/"7852-5eb358f4784ea-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2AChOrShFhnpVtJZHngMuMhDxjb1OIXpx9UBtArAg%2BntUk%2FBwV%2FufKgvq4v%2FSx3pXuwd3%2Bkrs5ckGj%2Bxc%2BaYY9OW6qRH6JNu%2BuvX9KSKYznXxYvG5%2FFI1iRYwZZHj%2B3DmgSaYOIHK5FV9XAN6SyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa90665c2-FRA

GET
H2 200 tooltipster.css
static.upviral.com/assets/custom_css/css/ 7 KB
2 KB 60ms
28ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/tooltipster.css
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac100278642e28a822fc025295a1cf4969ba1e7a9a1a196b9f2a000d5723aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6394
cf-polished: origSize=9317
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2465-5ac7038a56279-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qityZHGOqEkUEQnUj1Wv1FiPl5J5Vys7TB0udgBO68Aw1sAsEgOxbzgim13X%2BasfqjNId5XtGErUolvfJJ%2FYx9OJf2itgAcyBV9UIUxp2gh%2FAA8LF%2FT%2BTa1L4uKAFcZYIhKrhiediSUq66nD4pHn4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa90865c2-FRA

GET
H2 200 style-grid.css
static.upviral.com/assets/custom_css/css/ 3 KB
639 B 73ms
40ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-grid.css
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2f5f050246366d63f818bdec903e82e51ef79a9af5452a9c57d5c6b794c00e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6012
cf-polished: origSize=4195
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1063-5ac7038a552d9-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzOAWN0fAFah7iuBEK0i6GbEcwHvM%2Byg0TT53S9iowU%2FTVx%2BwaDkqp%2FelN86imO0ypvlWBCQvAam9YyMfaH4yG6HTFM6ijqjzkhuRuZ725JempuT0SB3FgVtGdKA7c1aoaDlAe0bC0IZWUMHMiNiow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa90a65c2-FRA

GET
H2 200 style-ny.css
static.upviral.com/assets/custom_css/css/ 4 KB
1 KB 73ms
41ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-ny.css
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec258beba0f4f51e5d88bb4d64ee01e6cb0d5c518e327cb2e39c665a934c575c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6324
cf-polished: origSize=5650
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 30 Jul 2021 09:22:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1612-5c853c230c082-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15Wo%2Bnbtz0AyWB3LXIJK50Sp%2F3LsrdQcgWUfBjuWnhdn1rsK6lKgi3JMIOdqdshzXmvS5zfDnwlBj9z3wOSUp9tYumn1YzWuzi7tW5IP9NTodhK9E5OSETflg8vHX99s9iw2g2JDtlYNt1tnoiETlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa90b65c2-FRA

GET
H2 200 custom.css
static.upviral.com/assets/custom_css/ 548 KB
392 KB 76ms
44ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/custom.css?v=4.4
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350339b82122dba7f8bbff0f5fcd92a339a58f490d43a881dd1329787dfceb13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6012
cf-polished: origSize=570029
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Wed, 04 Oct 2023 05:32:57 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8b2ad-606dd56fc82fe-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPK0diEtv4anStSBf66tr9uN5YJvLdAPP4E1BxNzMmFIER5xLHyQhIhV6U0kyzK%2F7m2FaEs5rdClzMeHuOdAOfPm9iiEkTxwgjsaqgPzBvteMPKLMxMDOzphrsbj%2F%2B4IqbCH1lKnDnWXd2mlE5UzyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fa91065c2-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 99ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ca40f63a4e030a057ba5425969b6dd11f7ae21d20f9e475e86eaa554945252b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51471
x-xss-protection: 0
server: cafe
etag: 2844327342599334761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153165760-1

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4abd9bf30a97b124e59abd9d0c553eb55a40caca312ea0340f2a5a1b327ca601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69694
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 62ms
41ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-438681185

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59d0da7354bfa46fdf9f49b95c0eefb1965b58746e40c08cd3651c96793dc4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84855
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

37ms
7ms

Script
application/javascript

146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-eddf8230063-FRA

Redirect headers

Date: Mon, 15 Jan 2024 20:09:58 GMT
Server: ECS (frb/67E0)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H2 200 jquery-3.3.1.min.js Show response
static.upviral.com/assets/custom_css/js/ 85 KB
31 KB 70ms
38ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/js/jquery-3.3.1.min.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5683
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
server: cloudflare
etag: W/"15391-5ac7038a5cfd8-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvtYsnUPjxmX5PNOt2PSgBpi6n%2B7j4a%2FKqSjVNYXLZdVE7XHpk1abnYIzF%2BEBlXoZmprgB0W%2BPhfqCHHcQClXHnA%2FI%2Fa4C8XSCso4Xie51mlo5bVex%2BGez4J7ek9l91dkhb7k45308xkB0U%2BER1MDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fb92165c2-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
static.upviral.com/assets/custom_css/js/ 69 KB
21 KB 74ms
42ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/js/bootstrap.bundle.min.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06147e458cd63785f841d0c92047baebedaf5cb50654f6e92e6bb9b34112a356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 790
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
server: cloudflare
etag: W/"11420-5ac7038a581b8-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6war%2BTkbWeggUN5YNyfWhP%2BAsCZuM%2FVEpLcHOht6ReZ12eLVaUXDwTNq3FcCdnXhjv6bqwt2ECO%2FA4VPI4GbMbGo9w0MSNb%2FU6yUd37CNcCgW86V%2FGlKk1msUmjxmOd%2Bcq4XZCeE0c8JCbey8diTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fb91865c2-FRA

GET
H2 200 prefixfree.min.js Show response
static.upviral.com/assets/custom_css/js/ 6 KB
3 KB 63ms
31ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fa2ba189c6449fb988cd8f18195314b5f517d0e9e0161d014847a7acc77a506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
server: cloudflare
etag: W/"184c-5ac7038a5cfd8-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMKjsQdFSzmp7WHAK5xP2hvDhNogE9AlJ7mQwJeM9ndmJThD3lr9%2B73%2FSU5O4EmQBwbhfPJTEdB4lN2uqrfgQ7VqZvGe5v1ngdcCNlqj6fFl6kbYiA7FIXyPcfU%2BMfEh11uJ3SD4m3IgLXDFls7%2FuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fb91a65c2-FRA

GET
H2 200 plyr.min.js Show response
static.upviral.com/assets/custom_css/js/ 113 KB
32 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/js/plyr.min.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90238de78f9a840f13f19cb31f4fe396f856438f7bfb57ceaf426509eb9887c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6370
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
server: cloudflare
etag: W/"1c214-5ac7038a5cfd8-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yC9J8xVEPP9%2BSw4WQH6n5SxXMgmLtciVEOGYYnM4TvwfihxIaFiHfEC1IUHFuG2k85TN5%2BFUjpBWX%2BSV7KsppZ7VtRf83wEz4aavDw4Lo5p5fuwXCS0FWDusPcwpKf8YyqaadK%2Bu9%2BxeGol7c19ihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c270199565c2-FRA

GET
H2 200 custom-template.js Show response
static.upviral.com/assets/custom_css/js/ 1 KB
664 B 65ms
34ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/js/custom-template.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab0b10103378e67d197c4f5406300b7e70c34aeeb257599ea798edbd1344110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5424
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 14 Jan 2021 05:52:52 GMT
server: cloudflare
etag: W/"428-5b8d5ddcb70a9-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fzl4B7OHD6j7J379ZQ3YoqEmOUcIkGYByZS6nznTI25qEy5hr6PDzJQNy%2FCAFjC414mWtlM%2FjzQ99krNJnaGHKBPpMvZrdbrHY9zg%2BNPoNQdT31%2FQfP2OhhquV58LDzxk%2B%2BBYj%2F8bCXv%2BssAMZcdRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fb91d65c2-FRA

GET
H2 200 donutty-jquery.min.js Show response
static.upviral.com/assets/custom_css/js/ 6 KB
2 KB 68ms
36ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/js/donutty-jquery.min.js
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c85f79ab815c2baedab98c7e1cc89991b246bacbbcfe274a7430de55fad8cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6065
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
server: cloudflare
etag: W/"175b-5ac7038a581b8-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUA4q10SJjVK33a7PfMHRVEtxLZHRRcKVEXW%2F5%2FAWxteOYESpkxHa0YhqKMYAjD0PJahzoqdeJ0kihZGO0MOR0MB58sk4BQnLotTfK%2BogHGBBNZr%2Fu%2F6LIGErsrM3JhIovAq53l78ZIighilmYih1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c26fb91765c2-FRA

GET
H2 200 all_js.min.js Show response
static.upviral.com/assets/js/ 536 KB
157 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/js/all_js.min.js?v=2.9
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 624f4a1b9ad8eac26eafb106b22c9737a38b21f31212b3bec6aaa727c1bdebc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6323
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Wed, 22 Nov 2023 08:23:03 GMT
server: cloudflare
etag: W/"8613b-60ab96d8cb456-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw0OjYjAgsh6c%2FA0FtNr1RxxRZryOC8%2BnjoipeSa5IJE3RrzVzNSO4Hk9gNv51Zr%2Fslp4XbKdCfQkzp2o14FQjqgHidnWIMhai24KR95EENRTGpLgNPKQoxUokWXsDqiU%2FyTChYeZ0zm5QIabjgU9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c270199865c2-FRA

GET
H/1.1 200
OK 1653598406event-nerdz-logo-1apng.png
upviral.s3.amazonaws.com/upviral/ 14 KB
14 KB 336ms
115ms Image
image/png 52.217.85.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upviral.s3.amazonaws.com/upviral/1653598406event-nerdz-logo-1apng.png
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a68300f0062dc6f56cae68897de0bc1e39aad39180e0ccff54e34e81c61ad78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:10:00 GMT
Last-Modified: Thu, 26 May 2022 20:53:28 GMT
Server: AmazonS3
x-amz-request-id: 30CR8G69FBGE0V89
ETag: "7cf9cfafc010e446e5d9baf89c6c3276"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14225
x-amz-id-2: 2BIjKH2dWZqWSFAu5lYZf/qlrtIHK/fXUWTERjKxZzuYQLbb7pktJnV8kuBLhe7Utm863fzIcuw=

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 20:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 19:15:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 20:09:58 GMT

GET
H/1.1 200
OK 1679432415Februarypng.png
upviral.s3.amazonaws.com/upviral/ 574 KB
574 KB 360ms
118ms Image
image/png 52.217.85.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upviral.s3.amazonaws.com/upviral/1679432415Februarypng.png
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd0154daba4727f3fbaca0b516c3dcf564414305146a311aeacd78829f4e7812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:10:00 GMT
Last-Modified: Tue, 21 Mar 2023 21:00:16 GMT
Server: AmazonS3
x-amz-request-id: 30CYDQY29MGEHXT8
ETag: "9534f5c297b4a205e41508fd5dd3ead3"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 587374
x-amz-id-2: yAAqdtUs3n5UUqd+jqhRpVgYdDqpKIYbqXFgsZdceWIpciF2OO19cafwCTtD9Y4ZEPMgO1gzYqI=

GET
H/1.1 200
OK 16541225342300FE32-A681-4003-9ED4-76649DB94744JPG.JPG
upviral.s3.amazonaws.com/upviral/ 239 KB
240 KB 390ms
189ms Image
image/jpeg 52.217.85.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upviral.s3.amazonaws.com/upviral/16541225342300FE32-A681-4003-9ED4-76649DB94744JPG.JPG
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ed176a96b9020f83f4a04e8a97a80637aaebb95d3a80dd6abb8a5662344779e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:10:00 GMT
Last-Modified: Wed, 01 Jun 2022 22:28:55 GMT
Server: AmazonS3
x-amz-request-id: 30CY6VGV1GECWAHA
ETag: "e4e1e0114079c9dc938c655ee1d934af"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 245193
x-amz-id-2: zpX3IxG3weE7l2J34x699x12IAuynMxkyjL6u31XMf9mRoaKatbRcParG8aukUnfCkSsCSlDog4=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 39ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jan 2024 20:09:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 4S8ZK4S1cpr6/xDQf8s0kAnm01xPvRN8gKC5RDrSLCDH7yUYbCAcutd3gPjkJQvaIsR14rKU691j7mAwPVK4vQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
73 KB 53ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKVQQVN

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

784f2a13a5f055daee0754666d63759369827ab9b97f9e15301165d9a6efb07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74900
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2 200 adsct
t.co/i/ 43 B
379 B 205ms
186ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=0b496651-6afc-4806-a071-c7beedc2ba72&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f67262c3-76e2-47fb-b2ca-d52a09aeb85b&tw_document_href=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5pql&type=javascript&version=2.3.29

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 179
date: Mon, 15 Jan 2024 20:09:58 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 75e36828fba18a10
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 7ff2410da3b87330c88b3484704aea5ffe77beb61dd50cbab07829f196242f8a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 150ms
117ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=0b496651-6afc-4806-a071-c7beedc2ba72&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f67262c3-76e2-47fb-b2ca-d52a09aeb85b&tw_document_href=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5pql&type=javascript&version=2.3.29

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 15 Jan 2024 20:09:59 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1118f47b198be41d
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: f3486149b385d44d0d18592202671ebc3f7e39172b79c897a4afc6bf8e05f452
content-length: 43

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
73 KB 207ms
101ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3b43adc4bb1104e13a1e0644c0aedbc64a57b7fca1ecfcc67188b1957dd1c087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11fae"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 73646
expires: Mon, 15 Jan 2024 21:09:59 GMT

GET
H/1.1 200
OK 1662407866younho-choo-f6ImWlMhn18-unsplashpng.png
upviral.s3.amazonaws.com/upviral/ 300 KB
300 KB 228ms
146ms Image
image/png 52.217.85.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upviral.s3.amazonaws.com/upviral/1662407866younho-choo-f6ImWlMhn18-unsplashpng.png
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00bce56b976760b812f6f909a5498f2b1fa14388ce32e066631e813d02753d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:10:00 GMT
Last-Modified: Mon, 05 Sep 2022 19:57:47 GMT
Server: AmazonS3
x-amz-request-id: 30CMWXTVCZPT6HCT
ETag: "1a9f45e70153f58ce304941fae09c138"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 306885
x-amz-id-2: f10my2HriomV+ztESARgX+pMOS3wOLS8Bs6n6/HLvqKqKu4c/9juIFf6Y0PX1ReEhfvkwbaHhIg=

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giveaway.eventnerdz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:10:26 GMT
x-content-type-options: nosniff
age: 395973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 06:10:26 GMT

GET
H3 200 upicon.ttf
static.upviral.com/assets/custom_css/webfonts/ 38 KB
22 KB 851ms
838ms Font
application/font-sfnt 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/webfonts/upicon.ttf?7
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/css/style-templates.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bffebaa12d83062af2def4d2f8e5127346c1f766c4cd27ee0a10249a95df0c82

Request headers

Referer: https://static.upviral.com/assets/custom_css/css/style-templates.css?v=1.0
Origin: https://giveaway.eventnerdz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"984c-5ac7038a5df78"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCmQcfXuPGNZHqW7RfBIjzy6YzRhEozWUV6CAHq0LcVIYcspiLUqFAOdfJFwEIXZmIyesyqP8cVRgP6aEyPNrnVT6JuejRAsfAxPKf8AEXo%2Bf64f5s6E0GVAkF%2FOqWgBW9LUbv8vtA8%2FMr5O5lNv2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d8a9a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.css Show response
use.fontawesome.com/releases/v5.13.1/css/ 58 KB
13 KB 223ms
178ms XHR
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.1/css/all.css
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"870dbf9e3d22ee9d7cd21acc620e107b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv28rhmSHf%2FNiCYc93aqAa6bS%2B%2FFypjyyH%2FKfQ%2BT1AdmI9f4FoNgLvbSsJjy4xDfHqUAmNlRDHDrd0DVf3HoN6HcsqyqLwf%2B7mLxyv%2FOcJZY2a7s%2FzVkjP42LJVavss5P%2F5Gb2JyO64HBoYdKNUQ9SGK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8460c270ae443c99-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.css Show response
static.upviral.com/assets/custom_css/css/ 138 KB
22 KB 681ms
678ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/bootstrap.min.css
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"22688-5ac7038a54339-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kUippPodlI9LJUtCBTD%2BrEcFb1GA6l%2B6NNsZ3n%2BAaQskSyQWy4GIovbwbKI3fagLFi1dx2HUMQGWUmGVeD9HqNmMNnJ9ufuaK6gUjZzks1N0BDSXSS7QgjThVWmgB75EjofstLwrvDo6toBU8crEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d929a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style-templates.css Show response
static.upviral.com/assets/custom_css/css/ 36 KB
7 KB 543ms
541ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-templates.css?v=1.0
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84dcc96a95b39eadf25bc0fcaf5cb813b8ba9e4987d87093236bc8f0bbb3908b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Oct 2022 07:02:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"90e1-5eb358f4784ea-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lgvf9x0v3dWC%2Fgx3%2BcufORwk4qX4q74lTDHJYhm1%2BrsZi%2BDyx6SHrHdL4lASFJZE3x45vnVcghcsDJvQMW1S3Ww6XqMpuPyZ0ezr7Y6nCsm11acdlMWzgZUSRtnpvrIj4bvYLK1nfxXhS3pP14ao3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d909a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 plyr.css Show response
static.upviral.com/assets/custom_css/css/ 24 KB
5 KB 525ms
523ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/plyr.css
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615634720325377624eb3e7eb0b9c3f7480594a0115b38c3c164a745e6f40132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6135-5ac7038a552d9-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QSdAksnB4uW1%2Bl65h931ZvaHSCdXDIjrXJy5kl%2FeRIc6YgrjcSmcvTOlteOY%2FCP2w02JwctYlkybAHF4gNYf3agl%2BLRbZoZlncuYfYaxiFMlJe2NYieG0CodRr49iWzGUKmbgF8lszSDLjhc1pqsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d939a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style-templates-export.css Show response
static.upviral.com/assets/custom_css/css/ 30 KB
6 KB 526ms
524ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-templates-export.css?v=1.1
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62a1d3bbcff0cdf4128f19252cb3e463ca1c749c7e5fae067450443a3977dbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Oct 2022 07:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7852-5eb358f196373-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysHUlLVOVY6u%2Fzl0FTBMELp%2FDEqYpdfU0ncVFY7d1%2BKjzqnc5hNehBrtYwuyDbdvDtPXxvqWemYvIKdNz9XpA0pWBq2t%2FPmlYF8wUp%2BfV%2Fm%2BY6YXO%2BeCfqwsWqGnsSLOum5GJ1vrl8FCOIzdSEqtXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d959a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tooltipster.css Show response
static.upviral.com/assets/custom_css/css/ 9 KB
2 KB 538ms
536ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/tooltipster.css
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c9f9fbd649d05a1fd08247b3cb102ca54fb47d153b59b1f4666f1ab3f9edd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2465-5ac7038a56279-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgVB2SzX8srVF5gV%2Bsh2h6UQLOBCGh%2F4XArlbCB%2BoLp9%2BEOmUtn%2B%2BEu5B7NfXgB%2FrQwIevQyuF7OdnIn99IWjA2AlgXDmFyBugoZLW2DwmcHLjm%2Fg%2FBzpbepsPfLRsdvQHN8%2FuXPP58TAkme1WTYqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d969a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style-grid.css Show response
static.upviral.com/assets/custom_css/css/ 4 KB
977 B 514ms
512ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-grid.css
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbcbcaf658dde72ef89e91ab99d3de9e45a18e815a934640ff67e4f7d2949974

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 11:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1063-5ac7038a552d9-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FkHXlD3kwiYFqK%2FybIeGqQozwmfjVSERUPuuGnuVRcOd5%2Bs4njBDwwWRq5NfTPpZH5%2Bdwma1A0JWf67OJOGDGhTTy2wWhNnZccHy7F1pr0tVTRI3S0a9c%2B1b5hv4Sj4ZiOfPBzeAMC8Gp0grt688A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d979a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style-ny.css Show response
static.upviral.com/assets/custom_css/css/ 6 KB
2 KB 536ms
534ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/css/style-ny.css
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed965c6c2b8739e597edde025ae4876570759c50f10e8694c44a1299b2b1a6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 30 Jul 2021 09:22:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1612-5c853c1ff63fb-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVxgKcyNZWFfeg%2B2vekLnuthdZkTUPaLfQ%2FGeW8OgM7KdD%2BofidNqhq%2FF8Ip7FIZS2N3VFyAbQO62v40TkVRd6rzq6zqD9hIuJ5d28I7TPXwAuoRXEv2vQ%2F%2FoLcJJkdgZHwN82CDE4Bo6TQ5MjmkiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d999a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.css Show response
static.upviral.com/assets/custom_css/ 557 KB
392 KB 851ms
849ms XHR
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.upviral.com/assets/custom_css/custom.css?v=4.4
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac7ff0eae75845f9da98a78f599c08dfcb9b0f7c4879f15522e4f00588e5dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 04 Oct 2023 05:32:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8b2ad-606dd56fc82fe-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WHpKm%2BMSlcB3ZKHpEQLEvGsMPCnW6FEn0gRRyxQOntw%2BzwxCWv8ma240%2FoJl14w%2FNMbMonpjOhsjX4F1o9d6JI8%2FH0j823KAUDUkmpMKX0o25qwnssJu9oxPXChFEXXd7b1gbqgm%2BXCN%2B7TylLSaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate, proxy-revalidate
cf-ray: 8460c2705d9b9a0c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 css Show response
fonts.googleapis.com/ 6 KB
1 KB 31ms
16ms XHR
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans

Requested by

Host: static.upviral.com
URL: https://static.upviral.com/assets/custom_css/js/prefixfree.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 19:27:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 20:09:59 GMT

POST
H2 200 ajax Show response
giveaway.eventnerdz.com/lead/popup/call/ 91 B
445 B 238ms
237ms XHR
text/html 35.167.136.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://giveaway.eventnerdz.com/lead/popup/call/ajax
Requested by: Host: static.upviral.com
URL: https://static.upviral.com/assets/js/all_js.min.js?v=2.9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.167.136.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-136-136.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 528e4ff857e86d2d05a07f463a96ef00d7b2813b4d6ea389cdbd284d929006f9

Request headers

Accept: */*
Referer: https://giveaway.eventnerdz.com/lp/137270/lp137270
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
alt-svc: h3=":443";ma=900;
content-length: 101
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 527369568817932 Show response
connect.facebook.net/signals/config/ 142 KB
36 KB 75ms
75ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/527369568817932?v=2.9.140&r=stable&domain=giveaway.eventnerdz.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38593726df1dd64f316510e2129228d002bc68707fb4571c271779baba0eab69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jan 2024 20:09:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2S9R0bqGPpJw9lSSwyDFJYPJO086O4K27vC3oEHqJnN8LZmC6es51bP2KrXjlZFTu32hJ9+FTJRDQIgQhvdyvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
93 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZWGJL1C4V6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153165760-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

823bf47febaca2c2aa0227b998dc655e7f052d68a2cd24a9b491bfc478dc0383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153165760-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 19:48:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1306
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 15 Jan 2024 21:48:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-438681185&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153165760-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

459bd3167967811c980365e8e11027411ebdd4a8f6f693e55188d7edd46dc6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84731
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 38ms
11ms Script
application/javascript 2a02:26f0:3500:89a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKVQQVN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:89a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1836

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 26 KB
8 KB 30ms
7ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKVQQVN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:09:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 13:05:28 GMT
Server: AkamaiNetStorage
ETag: "928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7779
Expires: Mon, 15 Jan 2024 20:29:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/438681185/ 3 KB
1 KB 70ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/438681185/?random=1705349399188&cv=11&fst=1705349399188&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-438681185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcf1e459ad93231b5a61cd092a60e6d0fccf8e11338b0fe28b7fc260ec7b86b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11365494625/ 3 KB
2 KB 63ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11365494625/?random=1705349399196&cv=11&fst=1705349399196&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-438681185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3366ef4d5f7afb5d9151de6d10b1d67d9c8d0d8913a12456535f03a8eac1984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/438681185/ 3 KB
2 KB 167ms
48ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/438681185/?random=1705349399201&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&label=VDdeCK2Uq_QBEOH8ltEB&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&gtm_ee=1&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-438681185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

979347b39ebaf9eec608ca41280a1a0624b506ad3e4d4697f1ad1ba6c2f0c2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1588
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7450057024913681&plah=giveaway.eventnerdz.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ada13717fb593f726da54a569e280418d76e11f8761c63e4386521ce7e6dad23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139389
x-xss-protection: 0
server: cafe
etag: 1762816835971219881
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 20:09:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 35D4 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 01:39:14 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 402ms
89ms Ping
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0252212976448007&referrer=&cht=gtm&marketerId=004960ca17d3b08921b6bcbab56a6ca894&name=PAGE_VIEW&dl=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:09:59 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 69d1328f5d79ac373860c80b2c334943
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 403ms
91ms Script
application/javascript 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=004960ca17d3b08921b6bcbab56a6ca894
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: br
X-TraceId: 03584906dfa616a63a35b74c99aea91c
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 004960ca17d3b08921b6bcbab56a6ca894 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 888ms
790ms Script
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/004960ca17d3b08921b6bcbab56a6ca894
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:10:00 GMT
Content-Encoding: gzip
ob-sent-time: 1705349399999
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: e453fe9054d295f7ad1eed1431518e3d
Content-Length: 22
Expires: Mon, 15 Jan 2024 20:11:00 GMT

GET
H2 200 main.43c0095c.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:89a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:89a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19076

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1787431023&t=pageview&_s=1&dl=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&ul=en-us&de=UTF-8&dt=Disney%20Park%20Pass%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1854903916&gjid=1663180238&cid=1872568115.1705349399&tid=UA-153165760-1&_gid=852959418.1705349399&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=93468213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 905331769868925 Show response
connect.facebook.net/signals/config/ 147 KB
37 KB 779ms
779ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/905331769868925?v=2.9.140&r=stable&domain=giveaway.eventnerdz.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85d8cf0e0ca0e443b4014515371dd148cc78c0748836b4a7d10b4a32de2c53b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jan 2024 20:10:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Q3Ym5cVADhM3vR8dCsOaUBrZuM/5A07EaEoZjgpzZF0WeQA2gnenoFK35H96E/XstDwR/TbXNY/55LMWyZa4yA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 65ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZWGJL1C4V6&gtm=45je41a0v883659729z8860846483&_p=1705349399049&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1872568115.1705349399&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705349399&sct=1&seg=0&dl=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&dt=Disney%20Park%20Pass%20Giveaway&en=page_view&_fv=2&_ss=1&tfd=1714
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZWGJL1C4V6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 70ms
19ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZWGJL1C4V6&cid=1872568115.1705349399&gtm=45je41a0v883659729z8860846483&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZWGJL1C4V6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 81ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZWGJL1C4V6&cid=1872568115.1705349399&gtm=45je41a0v883659729z8860846483&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=774676256

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 298 B
413 B 83ms
38ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614183107750&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1705349399279&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6a1d51d0e8e557b18e2be8bb3fbbd54c43840fd194b41d54178b78b154812ee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1655682522432501
content-length: 174
pin-unauth: dWlkPU9XTXlZVFJsWm1NdE5XRXpOQzAwTlRVMkxUZzFZVFF0TTJFM1lXVTRNemc1WmpFMg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://giveaway.eventnerdz.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
399 B 79ms
35ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614183107750&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705349399280
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1438490594096265
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11365494625/ 42 B
455 B 61ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11365494625/?random=1705349399196&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_2o4FZQRu07UpHfANJpBiH_Vh4DxvOQ&random=472959966&rmt_tld=0&ipr=y

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11365494625/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11365494625/?random=1705349399196&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_2o4FZQRu07UpHfANJpBiH_Vh4DxvOQ&random=472959966&rmt_tld=1&ipr=y

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/438681185/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/438681185/?random=1705349399188&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_8hIq1panDw8Pln45U0Y23sCdiaVJiA&random=2316047600&rmt_tld=0&ipr=y

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/438681185/ 42 B
154 B 20ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/438681185/?random=1705349399188&cv=11&fst=1705348800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_8hIq1panDw8Pln45U0Y23sCdiaVJiA&random=2316047600&rmt_tld=1&ipr=y

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-153165760-1&cid=1872568115.1705349399&jid=1854903916&gjid=1663180238&_gid=852959418.1705349399&_u=YEBAAUAAAAAAACAAI~&z=1939331324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 15 Jan 2024 20:09:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-153165760-1&cid=1872568115.1705349399&jid=1854903916&_u=YEBAAUAAAAAAACAAI~&z=3792673

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-153165760-1&cid=1872568115.1705349399&jid=1854903916&_u=YEBAAUAAAAAAACAAI~&z=3792673

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame A5C3 2 KB
1 KB 52ms
52ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7df4ad4c074a08da990fb11d3a0ef15eeed691e2791acc040342e0a79ea06370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 801
content-type: text/html
date: Mon, 15 Jan 2024 20:09:59 GMT
etag: "65898a2e-321"
expires: Mon, 15 Jan 2024 21:09:59 GMT
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
475 B 51ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Jan 2024 21:09:59 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8575 48 KB
18 KB 1142ms
1141ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450057024913681&output=html&adk=1812271804&adf=3025194257&lmt=1705349399&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705349399210&bpp=2&bdt=262&idt=180&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3560537248185&frm=20&pv=2&ga_vid=1872568115.1705349399&ga_sid=1705349399&ga_hid=1787431023&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080265%2C31080411%2C44798934%2C95320890%2C95321627%2C95321966%2C95322162&oid=2&pvsid=1681793005976022&tmod=723046081&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7450057024913681&plah=giveaway.eventnerdz.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e05fc6c23d575819d8d853f9a2f5cb1beca50b14f3c975770102d589a5eedf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18371
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 20:10:00 GMT
expires: Mon, 15 Jan 2024 20:10:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/438681185/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
108 B

24ms
23ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&label=VDdeCK2Uq_QBEOH8ltEB&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&gtm_ee=1&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEVJZ015VHJRWVE2SnU4M3NxVDVmZVVBUklrQU51aWo1VHQ2NE5zcTVlOUFDNEtEcEZMZmJwTFBnaVJtd1gzcU1VamJuazZKUUhDGlZDaEFJZ015VHJRWVE1dFgtazZ2YjJNa3NFaXdBM2FYdC1JQ0RxNmFRYjRveWhpdGhGMkUzUGMtUXI0bk4yTXljZWV4ejJvMkpkNjRHLXp1RU5LYVZVQSITCN3hqcmZ4IMDFeVjkQUd7vIB6w&is_vtc=1&ocp_id=F5GlZZ36FOXHxdwP7uWH2A4&cid=CAQSKQAvHhf_JYbH9-udi0zoaZjyiQYi-N2gF792cDDZGy20xQCLnjKY3rCb&random=3553236836&ipr=y

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/438681185/?random=1028611691&cv=11&fst=1705349399201&bg=ffffff&guid=ON&async=1&gtm=45be41a0v883969007&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&label=VDdeCK2Uq_QBEOH8ltEB&hn=www.googleadservices.com&frm=0&tiba=Disney%20Park%20Pass%20Giveaway&gtm_ee=1&auid=55145525.1705349399&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEVJZ015VHJRWVE2SnU4M3NxVDVmZVVBUklrQU51aWo1VHQ2NE5zcTVlOUFDNEtEcEZMZmJwTFBnaVJtd1gzcU1VamJuazZKUUhDGlZDaEFJZ015VHJRWVE1dFgtazZ2YjJNa3NFaXdBM2FYdC1JQ0RxNmFRYjRveWhpdGhGMkUzUGMtUXI0bk4yTXljZWV4ejJvMkpkNjRHLXp1RU5LYVZVQSITCN3hqcmZ4IMDFeVjkQUd7vIB6w&is_vtc=1&ocp_id=F5GlZZ36FOXHxdwP7uWH2A4&cid=CAQSKQAvHhf_JYbH9-udi0zoaZjyiQYi-N2gF792cDDZGy20xQCLnjKY3rCb&random=3553236836&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/ Frame A5C3
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10249.fckKT9jfT75z6C2gmfUsxC32f_saYmWORcVgi7iy3sttkhxeXpCrSlBg1EBb_bhO.usEY-eJMXNFGMPyEBMp4KSP45iw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10249.wyOteIXuTL46jAfeb0j8m5JhhkW6uQ9lUeW4qYpbSNxlpnoLoKVHMM24hjZSFgWtw6qI4_OCi_MYhsvCI_xLcHP27vdkdSJMs2_PAjpf1FVMTVQwW4TLoxKZAmRYGcHQnII5gf99YQ...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.-_KupgCdtWi3dSFtvHJ5DRxX9lQo6g0u0pLuohZGl-36VwQx6LHfnRI0z6NuNCUROz3QqJv_9NbVMCMk7lFxAQRqxxPiaRhjMp4FByPQP3Hk2...

43 B
612 B

50ms
50ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.-_KupgCdtWi3dSFtvHJ5DRxX9lQo6g0u0pLuohZGl-36VwQx6LHfnRI0z6NuNCUROz3QqJv_9NbVMCMk7lFxAQRqxxPiaRhjMp4FByPQP3Hk2mnsTSTNAGfE_rnjAXfmWDioPC2v7X0WJ7-vCb0j3BDqX5nwTKdwi1QhXnKmG0-tre373HkbBUuXQeZ7KYp8XXdVWnMJY_6iu5tisn6FUg%2C%2C.IaUWo6v2sLxfxfAv_lQrEPBuIYc%2C

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:09:59 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.-_KupgCdtWi3dSFtvHJ5DRxX9lQo6g0u0pLuohZGl-36VwQx6LHfnRI0z6NuNCUROz3QqJv_9NbVMCMk7lFxAQRqxxPiaRhjMp4FByPQP3Hk2mnsTSTNAGfE_rnjAXfmWDioPC2v7X0WJ7-vCb0j3BDqX5nwTKdwi1QhXnKmG0-tre373HkbBUuXQeZ7KYp8XXdVWnMJY_6iu5tisn6FUg%2C%2C.IaUWo6v2sLxfxfAv_lQrEPBuIYc%2C
date: Mon, 15 Jan 2024 20:09:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527369568817932&ev=PageView&dl=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rl=&if=false&ts=1705349399435&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705349399236.702890164&cs_est=true&ler=empty&it=1705349399141&coo=false&cdl=&rqm=GET

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 Jan 2024 20:09:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/75341065/
Redirect Chain

https://mc.yandex.com/watch/75341065?wmode=7&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj...
https://mc.yandex.com/watch/75341065/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dy...

462 B
596 B

51ms
51ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/75341065/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A687951623100%3Ahid%3A291636425%3Az%3A60%3Ai%3A20240115210959%3Aet%3A1705349399%3Ac%3A1%3Arn%3A106853422%3Arqn%3A1%3Au%3A1705349399148030472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C362%2C1002%2C1%2C%2C0%2C%2C141%2C15%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1705349397558%3Agi%3AR0ExLjEuMTg3MjU2ODExNS4xNzA1MzQ5Mzk5%3Afp%3A1538%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705349400%3At%3ADisney%20Park%20Pass%20Giveaway&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29pe%281%29cs%28kcad%29efid%281%29ti%281%29

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7b5ad8e2c9632e9aca635faf94aaa92987c64a7976400204f7c51de5cc827e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Jan-2024 20:09:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 462
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:09:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:09:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Jan-2024 20:09:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/75341065/1?wmode=7&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A687951623100%3Ahid%3A291636425%3Az%3A60%3Ai%3A20240115210959%3Aet%3A1705349399%3Ac%3A1%3Arn%3A106853422%3Arqn%3A1%3Au%3A1705349399148030472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C362%2C1002%2C1%2C%2C0%2C%2C141%2C15%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1705349397558%3Agi%3AR0ExLjEuMTg3MjU2ODExNS4xNzA1MzQ5Mzk5%3Afp%3A1538%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705349400%3At%3ADisney%20Park%20Pass%20Giveaway&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29pe%281%29cs%28kcad%29efid%281%29ti%281%29
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:09:59 GMT

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 9FF2 2 KB
1 KB 53ms
53ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7df4ad4c074a08da990fb11d3a0ef15eeed691e2791acc040342e0a79ea06370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 801
content-type: text/html
date: Mon, 15 Jan 2024 20:09:59 GMT
etag: "65898a2e-321"
expires: Mon, 15 Jan 2024 21:09:59 GMT
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H/1.1 200
OK metrica
adfstat.yandex.ru/ Frame 9FF2 0
0 164ms
54ms Image
application/json 2a02:6b8::346
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adfstat.yandex.ru/metrica?id=291636425
Requested by: Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::346 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 892931548165855 Show response
connect.facebook.net/signals/config/ 156 KB
38 KB 138ms
137ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/892931548165855?v=2.9.140&r=stable&domain=giveaway.eventnerdz.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7001f8e450724509b1585956a413caf660e3e48552578130debeba2db647783

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jan 2024 20:10:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: kWvFlS34FJ7VjaRSgL4DTETZ/CpkofjisAKeGWLcZgQmOepiOXtaek42rLbEI4LRiVgkZnERHvYuGnGm5WmSnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=905331769868925&ev=PageView&dl=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rl=&if=false&ts=1705349400028&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705349399236.702890164&cs_est=true&ler=empty&it=1705349399141&coo=false&cdl=&rqm=GET

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 Jan 2024 20:10:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=892931548165855&ev=PageView&dl=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rl=&if=false&ts=1705349400178&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705349399236.702890164&cs_est=true&ler=empty&it=1705349399141&coo=false&cdl=&rqm=GET

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 Jan 2024 20:10:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 8558 565 B
425 B 37ms
35ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 20:10:00 GMT
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 3698434064330228

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
58ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b4c6ab47b758b82496116b4f9134056ddc34085a56c27e9971e74457b502979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaeb1f50fad6434eebac6c0506c0c39ea69398aad07dd3173e10f0eecd05e3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56406
x-xss-protection: 0
server: cafe
etag: 6794145145049992837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 20:10:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 1800 9 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 03:19:40 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 03:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 76ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 20:10:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D983 624 B
242 B 50ms
49ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGM_e8YMCMAE&v=APEucNUhFjdfvNAnxzE-27RH_BTjSLXYO6lbIhRXLs7GT18ODoPYQabbnSoW9NN8cfYGJHENWUjQLRyDBKv7XSD1gPy0z5DmEIT_orVQOFvyXFvpOJXplIM6uuxt6qfhS73gPK6msTIkElzn-iUK4_9bPgt-3buEDKfuN0K-oLfnXGDFYza-b0w

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 20:10:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1A3B 89 KB
31 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 20:10:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 1A3B 60 B
60 B 72ms
19ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=docmorris-dv360&extProvId=300&extPu=docmorris-dv360&extLi=1015744636&extPm=20933805833&extCr=545025871&rnd=1705349399571002&gdpr=&gdpr_consent=

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 20:10:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 15 Jan 2024 08:10:00 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 263
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1A3B 3 KB
1 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 17:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:56:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1A3B 20 KB
9 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A3B 205 KB
65 KB 50ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 20:10:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A3B 42 B
63 B 48ms
48ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9Dotn8w7an0eb23tNVgd8IziTG2CYhnDEDm9iHw8nJ6jnxg-kd4j0n4tiYOlMfo_CyM2NOSWtQqW5iftzQsvwbR7_K4gvRE5HlJkdtu9IjICK-Sw

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D983
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1

43 B
343 B

25ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGM_e8YMCMAE&v=APEucNUhFjdfvNAnxzE-27RH_BTjSLXYO6lbIhRXLs7GT18ODoPYQabbnSoW9NN8cfYGJHENWUjQLRyDBKv7XSD1gPy0z5DmEIT_orVQOFvyXFvpOJXplIM6uuxt6qfhS73gPK6msTIkElzn-iUK4_9bPgt-3buEDKfuN0K-oLfnXGDFYza-b0w
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BtyBzWTVC86RRRBkD64XPRfrUYo%2F1nQ%2FzB%2BcbTGzjQumgLQVqP%2BU1RrxN943v99FrJVYojwpDFOGko4Jm8ZA676qTTeqM5qgW6wkfbeEuH3pLQOwX7ACilVQnCAwNuIuqbO1%2BbIOHHb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8460c27adbfa5c5c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D983
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWRGDIPXz4Vk0JbFEkE3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1

43 B
770 B

40ms
40ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGM_e8YMCMAE&v=APEucNUhFjdfvNAnxzE-27RH_BTjSLXYO6lbIhRXLs7GT18ODoPYQabbnSoW9NN8cfYGJHENWUjQLRyDBKv7XSD1gPy0z5DmEIT_orVQOFvyXFvpOJXplIM6uuxt6qfhS73gPK6msTIkElzn-iUK4_9bPgt-3buEDKfuN0K-oLfnXGDFYza-b0w
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JFiC8EwEFbj9ResbFGg1p%2BiB6psMG5OJfY78Q79lHNkCzlVORP2Ql8OFrQOShPWTJGwrHH18HitmK%2B9OtmmRS2yZjU7I7G%2FuVD%2BXspV3JmUrsLXGECkEckusSYX87tqS2HwjOs1Bf0hMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8460c27b2a219122-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkIE-Q5Z2BbhtkhA2T_ffk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D983
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPlGbloIMu1DcnqnUHyuVMA&google_cver=1

43 B
1008 B

14ms
14ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPlGbloIMu1DcnqnUHyuVMA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCB94ACGM_e8YMCMAE&v=APEucNUhFjdfvNAnxzE-27RH_BTjSLXYO6lbIhRXLs7GT18ODoPYQabbnSoW9NN8cfYGJHENWUjQLRyDBKv7XSD1gPy0z5DmEIT_orVQOFvyXFvpOJXplIM6uuxt6qfhS73gPK6msTIkElzn-iUK4_9bPgt-3buEDKfuN0K-oLfnXGDFYza-b0w

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
an-x-request-uuid: f0e7d8ce-e09c-4e38-bc6b-6ecee88501bd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.197; 80.255.10.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPlGbloIMu1DcnqnUHyuVMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D983
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzgwODE1MTE5NTY5MjM0Nw%3D%3D

170 B
243 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzgwODE1MTE5NTY5MjM0Nw%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
an-x-request-uuid: 9d845690-9dc9-4ea9-9a40-ba1ea15e2349
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NzgwODE1MTE5NTY5MjM0Nw%3D%3D
x-proxy-origin: 80.255.10.197; 80.255.10.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F4A7 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 17:58:36 GMT
expires: Tue, 14 Jan 2025 17:58:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 142E 829 B
560 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4dc7ec907bc0432885702c6d8f0a0a44b248b2c26dab3ca8d3fbaa38753021d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H2cEX3A7aGL17OkuXTjudg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.eventnerdz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H2cEX3A7aGL17OkuXTjudg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 20:10:00 GMT
expires: Mon, 15 Jan 2024 20:10:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame F4A7 39 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 11:41:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 142E 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1681793005976022&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 75341065
mc.yandex.com/webvisor/ 43 B
0 299ms
102ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/75341065?wv-part=1&wv-type=7&wmode=0&wv-hit=291636425&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rn=870252388&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705349401%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240115211000%3Au%3A1705349399148030472%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Ast%3A1705349401&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Jan-2024 20:10:01 GMT
content-type: image/gif
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:10:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A3B 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=254691829024&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A3B 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=254691829024&version=m202309260101&ct=119&x=1&cor=15751653280836712000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1A3B 92 KB
38 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DulYb2HRZj2fO9Ug0PPRTHAd8qEFOcOSbn6ePUl_Nv4RSvCRt8NdeTGMvdv2ta1dOzY0fUpngbBgmEv9o1iGVU4BoNCYy5prb9mQQMA3drI2Om-Be2Q2mYiRicwY9Jzz7ZDDeQVfkBPTMJ7l6GwBJD_wfiedJEfqGbKPS0ht3ahEk_scnydBLv4EfuIWOe0Q_dqsor&cry=1&dbm_d=AKAmf-BPE4yHSvYrOf4aDFTV3bhBLuF48BJNlMamewbWpnAyhAGiRHxytlIALFJcSkjRcmTHiT1s10x1Er0J6qEck_hdH9jbpKYNhvmDyynXESNV2HvZx88xPGMIsBqla52bRWSvy2Ht-CUCBUVJ9Hn8njeJ9deT4NANSHSOhgM-EqCugDLfa4vW5bjXoSYujiQjW-yUVxSvcF_43GIkAIbEXCrJCl0Hh-0tXHPK7d4D4ImmhzH_QpJolas4DIdybdHqJ1LAaL3VIvkEnoTuH4Shw9Az2rMv_Kj0MGC3YjLxjnWZXhLSWCOclVu_5OiiwVx5mOk2dT_-oQKcJnst-OIP0x3XZD8wqlsMxYz280TWxkk3e5abje9u6JfEKHGr3V4Rkqx6NZr4RP2o2aZ6kLuKcjTYeNddJZ2EntSFZN9jPTDGqX4OvduFI665ad3rq0ANwp6ctTYQXdVCX5fPh9RN8Laa-BdkWc87eHXMD7p7DNcrxBLK_lfL4cJ9MFSmoYEC9d-Eg8Qhtj5FxYNbSLJExWNGmdkLqhVQWosNMLTOprcnE1gGOuZiWXcTELhY3ymswc6UUDSbxpF8GdqYdj_b4Cp8UEy43-pWknPqJ3Sk2146clF1onyCv6gTFViYlQSmMrjEbnDaA0aJ9eL96xEZHl1vha64hsnGmydR3hNd45rBOzn9UsaG9_VaruigNCYeb8PhrlCHuXxhapzxKYw0Rs5EAscTiaHlpkqdLSsQF-QTyZOsLM4opIXSLFUY5gmCiaKepW8cEI43-IOuHWPHhuAASwe9hDDAQ9pyJET1YSsgw5jjZ4SodK6SqsRmsevODbk4FT6Oe6_lzTk__mCE6HOde1h32RRXexfkfMdy0xlZNPS_U4ssphX-zUS7dmw4VYR5uD-ms1EUMIFsWKvOslBGq85tiYk3Y5HBaapkGs7Viu0rUhGOcKajgh4mqeFB_ZWU2HCQpJjv84hooVUveQFOpAg4WR9Wyy5uPzWSk-Pb6L8nXkUKCcmErt0fcU7HPijd691VWPA7B_HhTO8ixHrEJxFbSgqYYvXvE6qs8ieKXQafXEUgKVp4DFXXFYHiVLZwflU7OrKf9nUc_IgaTx1KFzUOSLp96CXnMWV1E2bUYinfrcEJWKxtn3OhvnUbZnHKpv971URrRBzWPLVYrnG3kgNA9dbrsgvHYduvWSQ9Oz6CbR6hVUwxdHvgLPnK4oShYgWMxPvoVCrmQ-KOQeIQ3CP6J-1_ZrYKHc245mdnG2q15tsRmWXyp8NCvX9gxMkYT5nEUAQ_q_zo9zr1Yz4bsvTE9mBNgIJJ_xu5H2tdTftdWc11Rws6lErKrR9P5F8e_Ee4tPQQOP0K_7aw2lRywn2agk7XlPQMmnghnTEGeqveqoRDlnUa1oga2_qyLO_WpeKgoJa6G5a7mztWgzTYjZx2NuFE39TWRf9rfcu6Fg-UShxCYw9RBAOnnGPLJjO0CCe8nyoUMkWjKptDyc09SmQNfq-ky508htgCwBhI6Unoh4dUgsMDFntgTEKX-p0Aopu5-ifQV1QzswL-tvPCc_L_dYgUwxYoKFfxv49owuWKjPFCLv8yQulLPKLS4xSvHjEuD9xIKv9tq_9aL5QeB-CJQSuHguwDFgTT7sIu8XAmSDEoowuUq5dIOAYJ99XZRdUJ3HfLw283Q6invYrMsCuz-Gv-vFxvWpM-jX9sob3U4oiHw49nY2uSkBd7ULkl6VPf2teCrNc2UZUR9J92WUDYx2WNR5cnMiihAU_aAGjRII6yaNMam5BVPSpHy5H4-htcYebsq70KeR_KD3wBBJrZhrzMtEcUZ_51jGJ8wg4e42G1TMuvUZ4yuoTJQysGGdLBogp8dsDnGJzUNPG40rZZ1rKL-d1Yg8Bd1234nCrkSgy3kHrkojFmo_eSWoxmL_rdrpmUcMKn8_vEKdCLCW8s3JA4eAlSRytBojNxPzO7esf2l1zG8VMLTXORjgl0I9BP9XJ7XeeUyg7T8jW6qoNWKQbamNTTSF1wa-lqo8buBtBWqtxkDobvcM4J9GxbX0phMZRVuvLOZqQ5fdpcy0S9I2WiJZAVD5LVyoowEiNhjRDvCifN-70VNHM26CDQT29D_FwgQSzSl_T7jJgQxwi1-Q6G7AGCwRqtmmxyA9yK8cj3RmszLYaUYywxXcMUElkm7IoMwcXgVYyy2u0TsfUhcGEq9L1LbkblMIZ1_FJLJp5GME1TYOXww9CkUVC7UvokPAgwuO5mZl6EaZleIKhLRdzu7u3jxclf-orFIa6p3GnnVcZrWRMqMxsrxv1wxPTg5KfbTEgbtqy2tdgATbSHyltAwo7E2tMUa-E02F8pJ6Dk6QgdCBxDijnyHFWd94Cg1W-lBDgfaAkGGrTpz6TMp02BWIQjWNDXkTcAZSxAcbyVIeSwEiAX-E-f6h0ccKhy_9Gi2AjAJvHr6Sz1xW2QdN9B8bFCVa7J0gmh3Ji7xmMJRgL4D8-uO-jcgiRo38yQgNYvHn710I2tU8VFkDn1sMucjbyMNMG_1pOpSHrEDdymGKe0yHxU2j2eli9SBPmx7suidJ7gMELsuXF43YgsTy5IbyzzjO3j0cAnVB3r7rDabuTuJwMVvhIzmx7psyPpRaDcH9tPq_RZFwLdB_SrF0GbUfPO5mizXW6flycRMblFRPkhimxQHWLdxljGz2RUG7aRGsbKb2loWxKcGYVA2i56t1BMbZUOyexF46-7GMIQMHIoXcmQA4U1BLfI0x46XZ_sA4A12F1OleY0p5PqKegeSARjGq-r3TYpq6zxwuQfenOzvyv9nT1uP8DmcYJOoDGNXk1SXWRWmwbv9CDHd80fKetu3Uc78Z4M_QBCy_raXMKFsUTdhRKZemHSOXCEjASJFnnYH8g3lajUA7VcDjZpKubQ1Hoo7goGcj-oaZJn3ugTJXX3wg3cYFrD0vgzK15Yo12JksmVMhNu2nWxWxLO2jUf2WlHFHHlehw_o-z2vriZVRmtAWoAjZfgl84lkfh45m9az5uzWbzkTwoFb5dcoXctfOT6FIipoD_NPQajPcy1im38kfFgaPseOvEDHLNBU_9XazTsoKt6Dzbashvskko9CQCEerFvOcrs1aYxnYduLEu4tIZivFETvCdeRTvAoeY7rDmD8rFjfTpAaFlAb4nwS75TcMST1EBbP4X-LcNpotaH0V-O8LWttu_pavHPWeuH1SygWJvZocTYU882N0QRD6KRQwaiJALHewoEW0vmJM4wwXxzMPSKrshES0I3V7SrmTT127lHOfDwgI0vA583EOuWT2ce3QpcJ0CXYFMUiutu8L8tOdmswqluIJCVu-360NBSKlfTLylgIsj7VURIVEtAMovuzVugAnNN2TQMNkUhzGg-pUkZt06V9rDGXc9iXh8yduLe3e3e_dunC_JWukPHFrcmENt7g77W_A6_UIM8_OAsPHFFBC0Grr-TLUHaV5HSjTcuQgmzBYvQ58kniWN9hPE13emfUQgHoOcFCsME5gAhfUxkL5H6NPWZF6bgFU0DKoXmcD596NWeouwlXk52GaDexrmWbRFFvRxS3EhtLPITH0_UHRUQGUMawPSk0LqORkDB7jy030s2RZkucJeN3HQ_3LGQC2v7UNJZl4hgPCMKfWa4rxVpAdGGL2xg8a29qTkFGwWqqFO7N7fJ1MntLlMazJAX9IXV2jT0azgfPa1kN1-obKGnZPZDiyHcbO456D6Hu8lAgkBHVnQJ5I91aJ6RKx1HX9RUZhquXP7rlwZcfIv09do_hU2H6fyFJm764wRcUxpxddozx52_nIrZu6jY8t4vlG1Uav68w2cjdQ-qDyHFLnKep0x5fOiiSY9JWXolgztP2h6ce8BM7ykcMeikkldp7YIcus8fdBHfrHh7ciyL9VNjd1ECM0hKQhbeYzstf1oZXhQYfzRnvw83xXf-Md9rfEXuW3YQpj3_KC-3iMyWIbsBXzVEJKk2AcvhG78ge1aHZzIiH2yl6kG7YFQt2X2XRNMMCX2ahAczynukQzer-otUY9Y9C3msDiJLwvQT09hPZlVN05PHbObcR3jCpcQ5ZSdO9Lq3hsuhpKIacCwvePye_CcB85b0RP-FDLNzAA0nTnbLetUoTqQd-yW9FsGvy9CanqWWAfCrFeDU9rExlz48QAzXu8y9YBZxjDse1kwMQdNRQJ6uRaJibXlT0fyL-oR14qbMP8ZrxRj4_wfwp-PN7rOw_cUP_nL7RpMgSLJflzYMHj9SmDlg2IWhBwhxWK3zw2TQUiEWncd_eiZOKXjPOCGOtGnIHBuc6Sv8gdobYVUdwGNtuwUpF5shr-VB4kyRjZcWaQ7O9Q1uaPNLdbBNTB1v7GBH_cnPmtdjkwS9V8_MOxBDQXThW6n9eIqSYYLxAEfZoMArRABVNij4-jraWbsc68nqPDsEFe1YcKCF3QebqEOeVbfblzrxOfkdDI1y_wDNPZBUmSGgPM_QHe0TaMaQ_cE3v8ZHLbT7zMJO9A&cid=CAQSPAAvHhf_lt8JdRzT8nkzjwCmtTMWT8LJ_ojNRe3UpuOleUNWQnr_2vViq3sSwf5YLI6VRkTyUIqB0F0VcxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgiveaway.eventnerdz.com%2F&ds=l&xdt=1&iif=1&cor=15751653280836712000&adk=2124396031&idt=129&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79f232f919992a52ae9b554ed1bf83702a2eca387a0aceefc9645941f031784f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38798
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F4A7 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WqffXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1A3B 111 KB
39 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 1A3B 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DulYb2HRZj2fO9Ug0PPRTHAd8qEFOcOSbn6ePUl_Nv4RSvCRt8NdeTGMvdv2ta1dOzY0fUpngbBgmEv9o1iGVU4BoNCYy5prb9mQQMA3drI2Om-Be2Q2mYiRicwY9Jzz7ZDDeQVfkBPTMJ7l6GwBJD_wfiedJEfqGbKPS0ht3ahEk_scnydBLv4EfuIWOe0Q_dqsor&cry=1&dbm_d=AKAmf-BPE4yHSvYrOf4aDFTV3bhBLuF48BJNlMamewbWpnAyhAGiRHxytlIALFJcSkjRcmTHiT1s10x1Er0J6qEck_hdH9jbpKYNhvmDyynXESNV2HvZx88xPGMIsBqla52bRWSvy2Ht-CUCBUVJ9Hn8njeJ9deT4NANSHSOhgM-EqCugDLfa4vW5bjXoSYujiQjW-yUVxSvcF_43GIkAIbEXCrJCl0Hh-0tXHPK7d4D4ImmhzH_QpJolas4DIdybdHqJ1LAaL3VIvkEnoTuH4Shw9Az2rMv_Kj0MGC3YjLxjnWZXhLSWCOclVu_5OiiwVx5mOk2dT_-oQKcJnst-OIP0x3XZD8wqlsMxYz280TWxkk3e5abje9u6JfEKHGr3V4Rkqx6NZr4RP2o2aZ6kLuKcjTYeNddJZ2EntSFZN9jPTDGqX4OvduFI665ad3rq0ANwp6ctTYQXdVCX5fPh9RN8Laa-BdkWc87eHXMD7p7DNcrxBLK_lfL4cJ9MFSmoYEC9d-Eg8Qhtj5FxYNbSLJExWNGmdkLqhVQWosNMLTOprcnE1gGOuZiWXcTELhY3ymswc6UUDSbxpF8GdqYdj_b4Cp8UEy43-pWknPqJ3Sk2146clF1onyCv6gTFViYlQSmMrjEbnDaA0aJ9eL96xEZHl1vha64hsnGmydR3hNd45rBOzn9UsaG9_VaruigNCYeb8PhrlCHuXxhapzxKYw0Rs5EAscTiaHlpkqdLSsQF-QTyZOsLM4opIXSLFUY5gmCiaKepW8cEI43-IOuHWPHhuAASwe9hDDAQ9pyJET1YSsgw5jjZ4SodK6SqsRmsevODbk4FT6Oe6_lzTk__mCE6HOde1h32RRXexfkfMdy0xlZNPS_U4ssphX-zUS7dmw4VYR5uD-ms1EUMIFsWKvOslBGq85tiYk3Y5HBaapkGs7Viu0rUhGOcKajgh4mqeFB_ZWU2HCQpJjv84hooVUveQFOpAg4WR9Wyy5uPzWSk-Pb6L8nXkUKCcmErt0fcU7HPijd691VWPA7B_HhTO8ixHrEJxFbSgqYYvXvE6qs8ieKXQafXEUgKVp4DFXXFYHiVLZwflU7OrKf9nUc_IgaTx1KFzUOSLp96CXnMWV1E2bUYinfrcEJWKxtn3OhvnUbZnHKpv971URrRBzWPLVYrnG3kgNA9dbrsgvHYduvWSQ9Oz6CbR6hVUwxdHvgLPnK4oShYgWMxPvoVCrmQ-KOQeIQ3CP6J-1_ZrYKHc245mdnG2q15tsRmWXyp8NCvX9gxMkYT5nEUAQ_q_zo9zr1Yz4bsvTE9mBNgIJJ_xu5H2tdTftdWc11Rws6lErKrR9P5F8e_Ee4tPQQOP0K_7aw2lRywn2agk7XlPQMmnghnTEGeqveqoRDlnUa1oga2_qyLO_WpeKgoJa6G5a7mztWgzTYjZx2NuFE39TWRf9rfcu6Fg-UShxCYw9RBAOnnGPLJjO0CCe8nyoUMkWjKptDyc09SmQNfq-ky508htgCwBhI6Unoh4dUgsMDFntgTEKX-p0Aopu5-ifQV1QzswL-tvPCc_L_dYgUwxYoKFfxv49owuWKjPFCLv8yQulLPKLS4xSvHjEuD9xIKv9tq_9aL5QeB-CJQSuHguwDFgTT7sIu8XAmSDEoowuUq5dIOAYJ99XZRdUJ3HfLw283Q6invYrMsCuz-Gv-vFxvWpM-jX9sob3U4oiHw49nY2uSkBd7ULkl6VPf2teCrNc2UZUR9J92WUDYx2WNR5cnMiihAU_aAGjRII6yaNMam5BVPSpHy5H4-htcYebsq70KeR_KD3wBBJrZhrzMtEcUZ_51jGJ8wg4e42G1TMuvUZ4yuoTJQysGGdLBogp8dsDnGJzUNPG40rZZ1rKL-d1Yg8Bd1234nCrkSgy3kHrkojFmo_eSWoxmL_rdrpmUcMKn8_vEKdCLCW8s3JA4eAlSRytBojNxPzO7esf2l1zG8VMLTXORjgl0I9BP9XJ7XeeUyg7T8jW6qoNWKQbamNTTSF1wa-lqo8buBtBWqtxkDobvcM4J9GxbX0phMZRVuvLOZqQ5fdpcy0S9I2WiJZAVD5LVyoowEiNhjRDvCifN-70VNHM26CDQT29D_FwgQSzSl_T7jJgQxwi1-Q6G7AGCwRqtmmxyA9yK8cj3RmszLYaUYywxXcMUElkm7IoMwcXgVYyy2u0TsfUhcGEq9L1LbkblMIZ1_FJLJp5GME1TYOXww9CkUVC7UvokPAgwuO5mZl6EaZleIKhLRdzu7u3jxclf-orFIa6p3GnnVcZrWRMqMxsrxv1wxPTg5KfbTEgbtqy2tdgATbSHyltAwo7E2tMUa-E02F8pJ6Dk6QgdCBxDijnyHFWd94Cg1W-lBDgfaAkGGrTpz6TMp02BWIQjWNDXkTcAZSxAcbyVIeSwEiAX-E-f6h0ccKhy_9Gi2AjAJvHr6Sz1xW2QdN9B8bFCVa7J0gmh3Ji7xmMJRgL4D8-uO-jcgiRo38yQgNYvHn710I2tU8VFkDn1sMucjbyMNMG_1pOpSHrEDdymGKe0yHxU2j2eli9SBPmx7suidJ7gMELsuXF43YgsTy5IbyzzjO3j0cAnVB3r7rDabuTuJwMVvhIzmx7psyPpRaDcH9tPq_RZFwLdB_SrF0GbUfPO5mizXW6flycRMblFRPkhimxQHWLdxljGz2RUG7aRGsbKb2loWxKcGYVA2i56t1BMbZUOyexF46-7GMIQMHIoXcmQA4U1BLfI0x46XZ_sA4A12F1OleY0p5PqKegeSARjGq-r3TYpq6zxwuQfenOzvyv9nT1uP8DmcYJOoDGNXk1SXWRWmwbv9CDHd80fKetu3Uc78Z4M_QBCy_raXMKFsUTdhRKZemHSOXCEjASJFnnYH8g3lajUA7VcDjZpKubQ1Hoo7goGcj-oaZJn3ugTJXX3wg3cYFrD0vgzK15Yo12JksmVMhNu2nWxWxLO2jUf2WlHFHHlehw_o-z2vriZVRmtAWoAjZfgl84lkfh45m9az5uzWbzkTwoFb5dcoXctfOT6FIipoD_NPQajPcy1im38kfFgaPseOvEDHLNBU_9XazTsoKt6Dzbashvskko9CQCEerFvOcrs1aYxnYduLEu4tIZivFETvCdeRTvAoeY7rDmD8rFjfTpAaFlAb4nwS75TcMST1EBbP4X-LcNpotaH0V-O8LWttu_pavHPWeuH1SygWJvZocTYU882N0QRD6KRQwaiJALHewoEW0vmJM4wwXxzMPSKrshES0I3V7SrmTT127lHOfDwgI0vA583EOuWT2ce3QpcJ0CXYFMUiutu8L8tOdmswqluIJCVu-360NBSKlfTLylgIsj7VURIVEtAMovuzVugAnNN2TQMNkUhzGg-pUkZt06V9rDGXc9iXh8yduLe3e3e_dunC_JWukPHFrcmENt7g77W_A6_UIM8_OAsPHFFBC0Grr-TLUHaV5HSjTcuQgmzBYvQ58kniWN9hPE13emfUQgHoOcFCsME5gAhfUxkL5H6NPWZF6bgFU0DKoXmcD596NWeouwlXk52GaDexrmWbRFFvRxS3EhtLPITH0_UHRUQGUMawPSk0LqORkDB7jy030s2RZkucJeN3HQ_3LGQC2v7UNJZl4hgPCMKfWa4rxVpAdGGL2xg8a29qTkFGwWqqFO7N7fJ1MntLlMazJAX9IXV2jT0azgfPa1kN1-obKGnZPZDiyHcbO456D6Hu8lAgkBHVnQJ5I91aJ6RKx1HX9RUZhquXP7rlwZcfIv09do_hU2H6fyFJm764wRcUxpxddozx52_nIrZu6jY8t4vlG1Uav68w2cjdQ-qDyHFLnKep0x5fOiiSY9JWXolgztP2h6ce8BM7ykcMeikkldp7YIcus8fdBHfrHh7ciyL9VNjd1ECM0hKQhbeYzstf1oZXhQYfzRnvw83xXf-Md9rfEXuW3YQpj3_KC-3iMyWIbsBXzVEJKk2AcvhG78ge1aHZzIiH2yl6kG7YFQt2X2XRNMMCX2ahAczynukQzer-otUY9Y9C3msDiJLwvQT09hPZlVN05PHbObcR3jCpcQ5ZSdO9Lq3hsuhpKIacCwvePye_CcB85b0RP-FDLNzAA0nTnbLetUoTqQd-yW9FsGvy9CanqWWAfCrFeDU9rExlz48QAzXu8y9YBZxjDse1kwMQdNRQJ6uRaJibXlT0fyL-oR14qbMP8ZrxRj4_wfwp-PN7rOw_cUP_nL7RpMgSLJflzYMHj9SmDlg2IWhBwhxWK3zw2TQUiEWncd_eiZOKXjPOCGOtGnIHBuc6Sv8gdobYVUdwGNtuwUpF5shr-VB4kyRjZcWaQ7O9Q1uaPNLdbBNTB1v7GBH_cnPmtdjkwS9V8_MOxBDQXThW6n9eIqSYYLxAEfZoMArRABVNij4-jraWbsc68nqPDsEFe1YcKCF3QebqEOeVbfblzrxOfkdDI1y_wDNPZBUmSGgPM_QHe0TaMaQ_cE3v8ZHLbT7zMJO9A&cid=CAQSPAAvHhf_lt8JdRzT8nkzjwCmtTMWT8LJ_ojNRe3UpuOleUNWQnr_2vViq3sSwf5YLI6VRkTyUIqB0F0VcxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgiveaway.eventnerdz.com%2F&ds=l&xdt=1&iif=1&cor=15751653280836712000&adk=2124396031&idt=129&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 11:31:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1A3B 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 23:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 23:06:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A3B 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 259332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A9AB 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 16 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1A3B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dfca00625aa6851852678e650330f64a22c0c947114e0559c649a1007b3f84e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame A9AB 35 B
463 B 35ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOauZpfuuzLJUDNILJtz3iA&google_cver=1&google_push=AXcoOmRtI23PoTjVfWVJ2tSm0MPxrIWj1xDMgZqAgXC2ibJx6VGHbqQp4AqLRqXTVAANAxNvG4mEh_gru39cPU7ilOBfLmXNUWA7JsMa

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A9AB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFQ4pMezQ-W998wP9Y2fBPY&google_cver=1&google_push=AXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwP...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQ4pMezQ-W998wP9Y2fBPY&google_cver=1&google_push=AXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFz...

43 B
420 B

173ms
164ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQ4pMezQ-W998wP9Y2fBPY&google_cver=1&google_push=AXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8460c27d0eea2bb4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 601
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQ4pMezQ-W998wP9Y2fBPY&google_cver=1&google_push=AXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTELuTgpQb2jtWTMsbXjOp-OzsR2RzKRPxXQ1cZI9GDVGz-35WyXhyfU-fqvsXsp3k97hpBVTpiwrY_P8CA9bYNYQ_BDFzwPrMX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8460c27bed952bb4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9AB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcRFxGTnCDIrgufGpL-kCU&google_push=AXcoOmTgvFddab4uzb-5_BmBWIGXra0W5KyM0tcVkP0LwNZdozcZth4Qa2...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcRFxGTnCDIrgufGpL-kCU&google_push=AXcoOmTgvFddab4uzb-5_BmBWIGXra0W5KyM0tcVkP0LwNZdozcZth4Qa2HqR2ojj00Ag9Tmj_kn7655e9zR0L4DnqPF_SiTp4cDnYhh

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220062-FRA
pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1705349401.058768,VS0,VE97
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJcRFxGTnCDIrgufGpL-kCU&google_push=AXcoOmTgvFddab4uzb-5_BmBWIGXra0W5KyM0tcVkP0LwNZdozcZth4Qa2HqR2ojj00Ag9Tmj_kn7655e9zR0L4DnqPF_SiTp4cDnYhh
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A9AB 70 B
149 B 105ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMLscZ4oShKRCX5rHY1_62g&google_cver=1&google_push=AXcoOmSAlUeqjN_llhKZgYtNU4GsLtfC_WVrBKMBylNTqzvUVpCHgCR9-qu288UHe7d3sCKZ4iQ9xlKZ6_BWk4N4cq0Shzk03TH0vf91
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame A9AB 43 B
146 B 36ms
7ms Image
image/gif 3.124.81.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGVYAjvJVc5a8Z1nQQ0kBAE&google_cver=1&google_push=AXcoOmR1Viz686buRd_IgvvBfglUTDYJUbEGLGKLbUVHmscCsYgdAYCLhF9Tvn5z3S5X5MqF3vrgWZplXSr9fZcJDKwint_csnYn1lpa
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.81.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9AB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKufD_whsDXJn9Ujq2YWQyA&google_cver=1&google_push=AXcoOmTIyVHaY2kyqXccMVnpw86DroLEvf5Bcov3wK-bATg9RzqIDfcFW0v4BRwtCEeE6XZIm-hX1Q-hxHfEED7DcefLAwj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTIyVHaY2kyqXccMVnpw86DroLEvf5Bcov3wK-bATg9RzqIDfcFW0v4BRwtCEeE6XZIm-hX1Q-hxHfEED7DcefLAwjUnJoTfYOO&google_hm=eS1veDNsbkNkRTJwR2...

170 B
188 B

19ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTIyVHaY2kyqXccMVnpw86DroLEvf5Bcov3wK-bATg9RzqIDfcFW0v4BRwtCEeE6XZIm-hX1Q-hxHfEED7DcefLAwjUnJoTfYOO&google_hm=eS1veDNsbkNkRTJwR250aXdraUpiVURvckxOZTFNR05VeX5B

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Jan 2024 20:10:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTIyVHaY2kyqXccMVnpw86DroLEvf5Bcov3wK-bATg9RzqIDfcFW0v4BRwtCEeE6XZIm-hX1Q-hxHfEED7DcefLAwjUnJoTfYOO&google_hm=eS1veDNsbkNkRTJwR250aXdraUpiVURvckxOZTFNR05VeX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9AB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECYt7o9TuNLoUmAH8xpO29E&google_cver=1&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABykL...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECYt7o9TuNLoUmAH8xpO29E&google_cver=1&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvL...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE1NTQ5NjgyODAzODQ0Njk3Mg&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABy...

170 B
188 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE1NTQ5NjgyODAzODQ0Njk3Mg&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABykLCcKdlUuE8Gb858HVgpFUkYv5

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE1NTQ5NjgyODAzODQ0Njk3Mg&google_push=AXcoOmQ2zS6McXDKdi4oBlCK_omkjsxDplJ_ko6FNVHSjU0PDrWwptC6x0Cu54J9fgYfaUX6DvLABykLCcKdlUuE8Gb858HVgpFUkYv5
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A9AB 0
12 B 16ms
16ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6EOiBFX078h6dbmqfp186nBJpLU2qCDQXX52UPxNgP0D5f3VcWZpjdZki1A80pyssKsZG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8AC4 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 244750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A3B 0
0 85ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaGMcI9f8pmLxXEu5YUPE3cVinITvIArstXy_09yKqq94pfGLhn0ddu-PY7A89wCVdBGFfD5P9KR9LsxwPD9k35UtCAoPkD2DpYN49B6ZgRbOmZgoSUUo08icyhj0XMKpChKLa7Mj_gAq_kp0x7cx0eT_zbzeJaQau68ZRb88y2-0PVSUTq72CHmBNkc5Ib0rPRbjwDiWpOtPz-cKiWKLpxFQuVLyg7veCuOABdwr5K8KM-SEH9AbwI4h7ROlDXjepths5N83tqzfgQt7WQXEFZsdQNYkNwY9ZRiUzCsHZqMq0n2tRt_p0akqCRvrn4u_8pdZx-99W3M-t6Cd57PTFGSXRTHt79RaNied8xF9FrKuvGTEuhcD_IeutIKWgN2yTKpNuxopZ2_OKVbNWWeaeVL95mv69pZHZeZbcZHJn1lgtL4xuRPdDWBqEZ5EXLBzrDJTvi9psNqQapOYY6kC7z8WV1F0aoBNNhA-tvMan7hlXwY2BwV4AnxLGUzy1pLtDDGMt_7ID1a1VGEmHIPtzsTCZWfNIR_A674KmyKRdw4WMNyOrCSiejzbKf5MB-rxzsIJLVgkeF7QO72uSzpEYHNBEEP_RPEwcqAoXDaH95khJ0r28jGUh2Z24pt6muqdTTypJ5IFsU39X9v5-n6TkN8C7psO8RjRBAa3b1T8KYTW7beub6zTwBpOUtMXmI3n2SsfxvhEPocKJMfgXDywnGIjjIhZHA93Mrmih4u8j5RzrNyIcdQypHrtD7FANCGmzUSVS9NnzsdZVAuqILUUwYLP6AdpPVV1sj7AjMWey6myfdO_5w3KDk3j9XRTqtWDpld_pj6cC4wAMJ--F9HMhLT7Ibm6zXjwuLWoyTecy5wW6vRk57QyEDrurGfm8vpvn2KRKbD3ngz3SC97OaYyzY4xVdPX01uQB3q2-g-tS8xgEt7Cg3YcNTnoFAEZZnyqaEV-0VA15-v1v7N5gLO4OYaXEus8KuLQ_ZJEoAfD2nLhX3_e-WaseZBx9EaGsC5S2oHRkRXEtwVUFE_JfMTLoa-r6XMzbjsu5K-uFrRIt7o4tqwSPQjBW3PeqEvh6gk9Wn-t-lLxG9dkNa0GLD8vfedbtkIYVsbUy89unsJMD6Fv7oJE1d6Q_jQ2JaGTboWT64YyCU8YPYWImbfV1cHOwyteZA5_LSjSM4VuKQxNRHOIwdFDjgP6b3Yrc0vcKEOOuzzWsp8V2ZTUBRkDxvZmv6kEw9y9ePU3-rtA2Ja2ewtX3A6b6hGrAIukqC40TI2KhyNqmJDo1UWs6al_YpMuot3m3wI4PX7ECFVgrkugddhQMt5as1qTlUiwqW5v-CQa-nkqTRYLu_Z_vEtN8xKS7-srB054uAu9dttaAIVNT5WaIsIo&sai=AMfl-YRmfsaXQOX5r930KLUXG8TYie-NSS_LbNGCHdh7eFqIaRsHH3UgxSqMxpcz_NLAI_cRWxU0MHvSxJWVZQT_AaoF5GJA0r5HLgJrxmcMRRAVQBl_WCvIzqYsC23nODahmsQJ17qXmcGYLHtjcWKSOnMzU9Ld8QINID8sWtmGZ00MnCWPcS3B7UC-ytH00hT6Kco90GolgFGh-x9YXJnbG71pPoQgD641eMtmM1ODxB1WMpbF6i6etBcicnmrA1nJTrdCCMfhp0rwC1g9rZ8PqfTmSQkwB6fe&sig=Cg0ArKJSzG2DXCVi7JbsEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=63&cbvp=1&cisv=r20240109.90124&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 20:10:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8254877346964467190
s0.2mdn.net/simgad/ Frame 1A3B 63 KB
63 KB 22ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8254877346964467190

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcd0fd6f3738e445f4aafd34e56da8bd8cb272fb41c21f7c651a2e579d43f3c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 13:48:36 GMT
date: Mon, 15 Jan 2024 13:48:36 GMT
x-content-type-options: nosniff
age: 22884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64742
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:15:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AC4 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 11:41:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A3B 0
0 45ms
45ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaGMcI9f8pmLxXEu5YUPE3cVinITvIArstXy_09yKqq94pfGLhn0ddu-PY7A89wCVdBGFfD5P9KR9LsxwPD9k35UtCAoPkD2DpYN49B6ZgRbOmZgoSUUo08icyhj0XMKpChKLa7Mj_gAq_kp0x7cx0eT_zbzeJaQau68ZRb88y2-0PVSUTq72CHmBNkc5Ib0rPRbjwDiWpOtPz-cKiWKLpxFQuVLyg7veCuOABdwr5K8KM-SEH9AbwI4h7ROlDXjepths5N83tqzfgQt7WQXEFZsdQNYkNwY9ZRiUzCsHZqMq0n2tRt_p0akqCRvrn4u_8pdZx-99W3M-t6Cd57PTFGSXRTHt79RaNied8xF9FrKuvGTEuhcD_IeutIKWgN2yTKpNuxopZ2_OKVbNWWeaeVL95mv69pZHZeZbcZHJn1lgtL4xuRPdDWBqEZ5EXLBzrDJTvi9psNqQapOYY6kC7z8WV1F0aoBNNhA-tvMan7hlXwY2BwV4AnxLGUzy1pLtDDGMt_7ID1a1VGEmHIPtzsTCZWfNIR_A674KmyKRdw4WMNyOrCSiejzbKf5MB-rxzsIJLVgkeF7QO72uSzpEYHNBEEP_RPEwcqAoXDaH95khJ0r28jGUh2Z24pt6muqdTTypJ5IFsU39X9v5-n6TkN8C7psO8RjRBAa3b1T8KYTW7beub6zTwBpOUtMXmI3n2SsfxvhEPocKJMfgXDywnGIjjIhZHA93Mrmih4u8j5RzrNyIcdQypHrtD7FANCGmzUSVS9NnzsdZVAuqILUUwYLP6AdpPVV1sj7AjMWey6myfdO_5w3KDk3j9XRTqtWDpld_pj6cC4wAMJ--F9HMhLT7Ibm6zXjwuLWoyTecy5wW6vRk57QyEDrurGfm8vpvn2KRKbD3ngz3SC97OaYyzY4xVdPX01uQB3q2-g-tS8xgEt7Cg3YcNTnoFAEZZnyqaEV-0VA15-v1v7N5gLO4OYaXEus8KuLQ_ZJEoAfD2nLhX3_e-WaseZBx9EaGsC5S2oHRkRXEtwVUFE_JfMTLoa-r6XMzbjsu5K-uFrRIt7o4tqwSPQjBW3PeqEvh6gk9Wn-t-lLxG9dkNa0GLD8vfedbtkIYVsbUy89unsJMD6Fv7oJE1d6Q_jQ2JaGTboWT64YyCU8YPYWImbfV1cHOwyteZA5_LSjSM4VuKQxNRHOIwdFDjgP6b3Yrc0vcKEOOuzzWsp8V2ZTUBRkDxvZmv6kEw9y9ePU3-rtA2Ja2ewtX3A6b6hGrAIukqC40TI2KhyNqmJDo1UWs6al_YpMuot3m3wI4PX7ECFVgrkugddhQMt5as1qTlUiwqW5v-CQa-nkqTRYLu_Z_vEtN8xKS7-srB054uAu9dttaAIVNT5WaIsIo&sai=AMfl-YRmfsaXQOX5r930KLUXG8TYie-NSS_LbNGCHdh7eFqIaRsHH3UgxSqMxpcz_NLAI_cRWxU0MHvSxJWVZQT_AaoF5GJA0r5HLgJrxmcMRRAVQBl_WCvIzqYsC23nODahmsQJ17qXmcGYLHtjcWKSOnMzU9Ld8QINID8sWtmGZ00MnCWPcS3B7UC-ytH00hT6Kco90GolgFGh-x9YXJnbG71pPoQgD641eMtmM1ODxB1WMpbF6i6etBcicnmrA1nJTrdCCMfhp0rwC1g9rZ8PqfTmSQkwB6fe&sig=Cg0ArKJSzG2DXCVi7JbsEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=102&vt=11&dtpt=39&dett=3&cstd=100&cisv=r20240109.90124&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: giveaway.eventnerdz.com
URL: https://giveaway.eventnerdz.com/lp/137270/lp137270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:10:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/ Frame A37D 87 KB
21 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2322f71da4bdd74f6a5d3ab775480f47c721378bee93d91c3afecbc5f4a9915d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39227
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21926
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:16:13 GMT
expires: Tue, 14 Jan 2025 09:16:13 GMT
last-modified: Mon, 15 Jan 2024 07:42:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame A37D 32 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 23:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Jan 2024 23:49:09 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/ Frame A37D 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0effae6e9318f8764a1fa72cb2e38de932c267a60d4894bb2677cb3381211890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 19:37:31 GMT
date: Mon, 15 Jan 2024 19:37:31 GMT
x-content-type-options: nosniff
age: 1950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4310
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:42:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 728t2.png
s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/ Frame A37D 9 KB
9 KB 15ms
15ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/728t2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a7373563ba5e7d84d3d49373f07fe75c818c20c5f2caa19383d2d2fb3576daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 09:16:13 GMT
date: Mon, 15 Jan 2024 09:16:13 GMT
x-content-type-options: nosniff
age: 39228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9425
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:42:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 728logo.png
s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/ Frame A37D 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/728logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5318ae462cc3126ca995e4cc3c5a1b516095525b5e28a66139c4c4668e4bc903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 09:16:13 GMT
date: Mon, 15 Jan 2024 09:16:13 GMT
x-content-type-options: nosniff
age: 39228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3151
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:42:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 728t1.png
s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/ Frame A37D 5 KB
5 KB 11ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/728t1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9c47ca5d29e153adce3f0017c4f3179f93d38e6758e863b20508c3b2ebd2311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 09:16:13 GMT
date: Mon, 15 Jan 2024 09:16:13 GMT
x-content-type-options: nosniff
age: 39228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5413
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:42:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 728x90bg.png
s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/ Frame A37D 16 KB
16 KB 13ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/728x90bg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8d478ecc93407b86c93ff477e0f919383e9f1d254aa0480060c5a83a8fa035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5720876415626945308/DocMorris_Gesundbergs_012024_728_90_G360_Flight02/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 09:16:13 GMT
date: Mon, 15 Jan 2024 09:16:13 GMT
x-content-type-options: nosniff
age: 39228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16045
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:42:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AC4 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwXQUGJGlZYi1Ms-s9u8Pz8e6mA4AAAAAOAHgBAI&bg=!f3ylfDPNAAaumcC-jpk7ADQBe5WfOIEsNF_MsdKyOhFV_zbOLjDMwYX_MffnkgNoZH-2t1HEIkdaZop8Wq2XoM_iPJSuAgAAAExSAAAAA2gBB5kDCYqDLetMSfw254d0Z1cx_zM44NzQJ0YDiSbFH-BqnpuPUPCwMY4LaRPUNYFIlUzu5QexcxNpwz3B-cRN2SWgeOlfvgvDNxj9K7QoaGPVzMxB_29kQX93HxktZQj3SxvLtmjV07AnlO98VoU1Oz_oWmNBapMXpaqYXiTsRogibujAIjTeC5tVx1e-wxStYfMRb-nmjrE7-4znujO-zORnxK3w2vWVXgoP7qD3Xl1oArx4k0CxnKeyVXCW8Gg-I8gTciDxMhYB2pYRv36M-DbNtZhZp3S9JrNhj0RDeSvMUl4V8v3FLt5Uqv5K1j8mOCfm97u3-miN6JfRRvrGHcLhdBlwt3kBEhfYp9qZPwja3AkmGEOPtOVk6nH4DO79Em2Lm51-vkJJoXnFaSibJqx9MPxjM_QbmaLwSePqPzPu8BpyVhRvWgWl9zsEy5B_OSTQ4EHElQyG_4PSgVQfQZdGQvnHnTXNRyd5B7dVDESXv6YFmOSYrCcMBSLvBedWHUTTkR19S5MOCO5HM63G2RW5OiNTqxuE3fpH35glsHgpZavb5yO-TM-5YXohH0SHbhIQYCIp7GOQjYBFlcJ4Ds-f28Q7XNmdmKhG7B50vKA5fPT93cIcRItYkerTeGhX3q9zzzLHE4vO8CpaVOdhBEqX0GIhSupBosAvsO8jg8waIVG1Zosr3ybLjme7bc6gg5ZR0zGEIpEF-gIXBB1NRjGDdElx9tA34k40flbKpUnYTGRBEjXjYHDDQxHCpfcnqr0fL9qOlLG_H7NgU8ZWZ_r7zMRABFJLPzcxaLsXxdT6dTdtkcygirfmkb4XEPJcq5LfJuDVS8o1a2Z1qHOXQPzF464uzQDc4nfwRpkVYdTl3Gx5ryXweDXU0gp0upsNKM5v6_LPtAaeJJ-OpFK4w5uG1LIBYC2gV2tzaNV3leSMvUoZUKKdwhFvFn8AAjKauCt_fuiabUWD7yrLgpA6G0dzZhYIeCZgoUpptIeXB82yqm1qYPhrnv8n5iQlVX7UXGyTB21vtYCB3XlQbA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 75341065
mc.yandex.com/webvisor/ 43 B
0 208ms
57ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/75341065?wv-part=2&wv-type=7&wmode=0&wv-hit=291636425&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rn=228056767&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705349401%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240115211001%3Au%3A1705349399148030472%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Ast%3A1705349401&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Jan-2024 20:10:01 GMT
content-type: image/gif
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:10:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1681793005976022&bg=!ysmlyYbNAAaumcC-jpk7ADQBe5WfOFFY07mb7RknFIGi5tXo6Mi-jRjlnw3ow25IHxihk0F2FmSC034HgCOepVkW02v2AgAAAExSAAAAAmgBB5kC2i5_SNHF9qTJvktptiTX9kiliExjjtMxPNtXqVL2uICnDYUW5nOZKpFiCmw1fgVRNz1lj60UTWZ4Y3fquiCoARqr9RxN4pPsbXvtohx_DUt_-RQHf_7nIPLhrRUcid6kXaJrth7yJQe6DfhOy6uwbdkWLZIhnY2NhbPgQ48mqdRqHpTPVXfJK2R7RNvzdLCgG4kj84QMXeYVuUYeO7DvAJHMgaSeGAuXo0HDP5q4N1SUswt2wZmk4bQmuBBaQKv4nJqDoCZXh-TCslIwef58k7SmFPcIfgbo4ma2z5Tqy30fDm_X53ItAsr1Am_bRMk5qvCg3S9CVRs0rmwqMGUdDviGYCc9ATAqY5TdffMXaIdNAEtKMPNJQ40zOpFbZC8dXQ38xqVeSJ-rIliZxm0UH7elS-z8NBZ5Ku119-IvOHZItmLKDsuAAqBxpbl7JZnmjxupjns1tt5HOzJHPqdHsQTZY1tM_Hmbimsuwl56yVjhAY1G_twrIV6osd03FQPRsHc4i8AjOi8BHjmHESqGcg6F_iEOc2F_nEqUtNh5hJs7xZRhuaCr9mHOYSmTCXS3YQgRy2qV61XdgSU359C2NOg4D-aIY6eJR4KWq4cjEsBHeSD4Bg8zkA1cbZ40boUWh6uVic3a4jj5fm2ex6w4d-7X9ELdtG8nFDeWsqvuif3IKv_WwaGPE_sXmvfnC1Db4Nx-1uqaChuD-OV_SN0kZSIf1mi9GC2TmPKig_vNVxXr97oLr2daiFBqQhOgqNMjK57kP0r48IF64to275jjG8zzfhi5X9V91OmYJHpoexSDsUDBWyzRdf6o7orPqhCu5BVA1bGU4oNZvjxjiokeVyzHAj5F5rI_mnC_Arv7ijnOeEq9pBf9NksmezMdnwWVaGj3-cxxuSXjgI1ZciF1NkzXHn7rJm43vjtn6oSrONGDRNQS10u_syzDIp1crBnBumrAgt5-n_cAsNI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveaway.eventnerdz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A3B 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6UwlZgzVISDUift_jO4WI24WOahVw1mvHycxTBF7-Avsc7OktS_DrZ1XN4mRUnwpnHB9bg5ipoEcBCSwgcQyyJZ_HxUjwDrnZEAy9KfzOW6YAgLuh6ewvqP0hxG6TaEMt4C_UG5dWj0ky4hFLNCj_RcM8&sai=AMfl-YR0TVfQkkvisfwUL67BfdkYpNjs5HsUV5-COYZnmZuUmHeGxtloi9FV2_DNQnjMMk1jjBDdhKCxQhkYjhhUt0P-ZspyT3_bd0OO5uSv6YFONXhfVxPoKeVVY6oW&sig=Cg0ArKJSzAcWFoNjwcm2EAE&cid=CAQSPAAvHhf_lt8JdRzT8nkzjwCmtTMWT8LJ_ojNRe3UpuOleUNWQnr_2vViq3sSwf5YLI6VRkTyUIqB0F0VcxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=319,819,1000,1045,1045&tos=319,500,181,45,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705349400660&rpt=236&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A3B 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=254691829024&version=m202309260101&ct=119&x=1&cor=15751653280836712000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 75341065
mc.yandex.com/webvisor/ 43 B
0 51ms
50ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/75341065?wv-part=3&wv-type=7&wmode=0&wv-hit=291636425&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rn=916141876&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705349402%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240115211002%3Au%3A1705349399148030472%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Ast%3A1705349402&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:02 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Jan-2024 20:10:02 GMT
content-type: image/gif
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:10:02 GMT

POST
H2 200 75341065
mc.yandex.com/webvisor/ 43 B
0 58ms
57ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/75341065?wv-part=1&wv-type=7&wmode=0&wv-hit=291636425&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rn=250987932&browser-info=we%3A1%3Aet%3A1705349402%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240115211002%3Au%3A1705349399148030472%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Ast%3A1705349402&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:02 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Jan-2024 20:10:02 GMT
content-type: image/gif
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:10:02 GMT

POST
H2 200 75341065
mc.yandex.com/webvisor/ 43 B
0 54ms
54ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/75341065?wv-part=4&wv-type=7&wmode=0&wv-hit=291636425&page-url=https%3A%2F%2Fgiveaway.eventnerdz.com%2Flp%2F137270%2Flp137270&rn=704790171&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705349404%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240115211003%3Au%3A1705349399148030472%3Avf%3A6mv6as6umwim0jy5plb7dyaj%3Ast%3A1705349404&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveaway.eventnerdz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 20:10:03 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Jan-2024 20:10:03 GMT
content-type: image/gif
access-control-allow-origin: https://giveaway.eventnerdz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Jan-2024 20:10:03 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
giveaway.eventnerdz.com/	1970-01-20 17:42:40	Name: PHPSESSID Value: node2~9lerin9gv6jqh7qjee20lu0b1c
giveaway.eventnerdz.com/	1970-01-21 02:28:05	Name: lead137270 Value: 191022
giveaway.eventnerdz.com/	1970-01-21 02:28:05	Name: thanks137270 Value: undefined
.eventnerdz.com/	1970-01-20 19:52:05	Name: _gcl_au Value: 1.1.55145525.1705349399
.twitter.com/	1970-01-21 03:18:29	Name: personalization_id Value: "v1_XOYE7781b57Z5Q97x1pc2w=="
.eventnerdz.com/	1970-01-20 17:43:55	Name: _gid Value: GA1.2.852959418.1705349399
.eventnerdz.com/	1970-01-20 17:42:29	Name: _gat_gtag_UA_153165760_1 Value: 1
.eventnerdz.com/	1970-01-20 19:52:05	Name: _fbp Value: fb.1.1705349399236.702890164
.t.co/	1970-01-21 03:18:29	Name: muc_ads Value: 5dad102f-dbcb-402d-a5ff-ac680c5368dd
.eventnerdz.com/	1970-01-21 03:18:29	Name: _ga Value: GA1.1.1872568115.1705349399
.pinterest.com/	1970-01-21 02:28:05	Name: ar_debug Value: 1
.eventnerdz.com/	1970-01-21 02:28:05	Name: _ym_uid Value: 1705349399148030472
.eventnerdz.com/	1970-01-21 02:28:05	Name: _ym_d Value: 1705349399
.giveaway.eventnerdz.com/	1970-01-21 02:28:05	Name: _pin_unauth Value: dWlkPU9XTXlZVFJsWm1NdE5XRXpOQzAwTlRVMkxUZzFZVFF0TTJFM1lXVTRNemc1WmpFMg
.yandex.com/	1970-01-21 03:18:29	Name: i Value: owjSXK5PJBNrfQSHQUTWUGJryHOt0QYwesra8cqcvjNwq8IiIpwvAt4da9KZZZejVrEJH5S809DVnvcRqUKZAUIkl2k=
.yandex.com/	1970-01-21 02:28:05	Name: yandexuid Value: 1714754981705349399
.eventnerdz.com/	1970-01-20 17:43:41	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 17:42:29	Name: sync_cookie_csrf Value: 3517294380fake
.mc.yandex.ru/	1970-01-20 17:42:29	Name: sync_cookie_csrf Value: 649498038fake
.mc.yandex.com/	1970-01-20 17:43:55	Name: sync_cookie_ok Value: synced
giveaway.eventnerdz.com/	1970-01-20 17:42:29	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1705349399632%7D
.yandex.ru/	1970-01-21 03:18:29	Name: yandexuid Value: 1714754981705349399
.yandex.ru/	1970-01-21 03:18:29	Name: yuidss Value: 1714754981705349399
.yandex.ru/	1970-01-21 03:18:29	Name: i Value: owjSXK5PJBNrfQSHQUTWUGJryHOt0QYwesra8cqcvjNwq8IiIpwvAt4da9KZZZejVrEJH5S809DVnvcRqUKZAUIkl2k=
.yandex.ru/	1970-01-21 03:18:29	Name: yp Value: 1705435799.yu.8058002091705349399
.yandex.ru/	1970-01-21 02:28:05	Name: ymex Value: 1707941399.oyu.8058002091705349399
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1582682091705349399
.yandex.com/	1970-01-21 02:28:05	Name: yuidss Value: 1714754981705349399
.yandex.com/	1970-01-21 02:28:05	Name: ymex Value: 1736885399.yrts.1705349399
.yandex.com/	1970-01-21 02:28:05	Name: bh Value: KgI/MA==
.eventnerdz.com/	1970-01-20 17:42:31	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-21 03:04:05	Name: IDE Value: AHWqTUmThSAeeFwy2yxoozckUGXqp9iWe0-tcQX6al9zzR7wM3-HIK9K6N1HwDBdXCA
m.exactag.com/	1970-01-20 19:52:05	Name: exactag_new_gk Value: 4ff7e58efcd5454a8492747d99ac9f8b%7C15.03.2024%2020%3A10%3A00
m.exactag.com/	1970-01-20 22:01:41	Name: exactag_new_uk Value: ea30d350f3874c549dafa9cae804e113%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: c40237322600435497de7b55
.adnxs.com/	1970-01-20 19:52:05	Name: uuid2 Value: 6577808151195692347
.casalemedia.com/	1970-01-21 02:28:05	Name: CMID Value: ZaWRGDIPXz4Vk0JbFEkE3wAA
.casalemedia.com/	1970-01-20 19:52:05	Name: CMPS Value: 3356
.casalemedia.com/	1970-01-20 19:52:05	Name: CMPRO Value: 3356
.adnxs.com/	1970-01-21 03:18:29	Name: XANDR_PANID Value: 6RS3A7qN-gCo4DVx9Ulz1BfLMu7zdq_NqFv5anF6BeS3P3g3r4V908He9OLI2emNWCt5Xdzg7-mwl5lJ4TuHKlZiBBHplh7fOl683BAOC1g.
.adnxs.com/	1970-01-20 19:52:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVHfM9@v!]tbPl1M>e)ZlrFUfJ+tGXvWBRiJ_!c<KsOXmFI7D>$r(EWMS<YZQl[j*4kw3If)y3KL9D3I?+KkgWL-
.doubleclick.net/	1970-01-20 22:01:41	Name: APC Value: AfxxVi4Z93AEH0jymoUjv0wF-WN819kS4VTT4Bc9v8rei1G7Tw9VAQ
.eventnerdz.com/	1970-01-21 03:04:05	Name: __gads Value: ID=fdbbc7e99a4dfc88:T=1705349399:RT=1705349399:S=ALNI_MZXtt6vM5YqgvylbPmZ4mjInrYzHw
.eventnerdz.com/	1970-01-21 03:04:05	Name: __gpi Value: UID=00000cf80004dd1e:T=1705349399:RT=1705349399:S=ALNI_MbTgTL8cZBBXlyIhfZoOwo17Lbugg
.eventnerdz.com/	1970-01-21 03:18:29	Name: _ga_ZWGJL1C4V6 Value: GS1.1.1705349399.1.0.1705349400.59.0.0
.quantserve.com/	1970-01-20 19:52:05	Name: d Value: EEYBCQH0KoEA
.quantserve.com/	1970-01-21 03:12:43	Name: mc Value: 65a59118-e6d7c-6b1dc-0410f
.adform.net/	1970-01-20 18:27:07	Name: C Value: 1
.adform.net/	1970-01-20 19:08:53	Name: uid Value: 8155496828038446972
.yahoo.com/	1970-01-21 02:28:27	Name: A3 Value: d=AQABBBmRpWUCEJn19gUXINxFvKZE1gW_W40FEgEBAQHipmWvZQAAAAAA_eMAAA&S=AQAAAr97aTcCSEuWGGXYSvYvdVo
.everesttech.net/	1970-01-21 02:28:05	Name: everest_g_v2 Value: g_surferid~ZaWRGQAOwcqnUABd
.tribalfusion.com/	1970-01-20 19:52:05	Name: ANON_ID Value: aPntuJwZcF1foXarpebwFW2f5TpZbEJYbQrM8AX5SZdeEOGMmIr8RYEZb2n43EeKTm6so4iWqT6DsKyd9iGc3e6AdI0X

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/905331769868925?v=2.9.140&r=stable&domain=giveaway.eventnerdz.com(Line 137) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adfstat.yandex.ru
amplify.outbrain.com
analytics.twitter.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
ct.pinterest.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
giveaway.eventnerdz.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.exactag.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
platform.twitter.com
pr-bh.ybp.yahoo.com
region1.analytics.google.com
s.pinimg.com
s.tribalfusion.com
s0.2mdn.net
static.ads-twitter.com
static.upviral.com
stats.g.doubleclick.net
sync-tm.everesttech.net
t.co
tpc.googlesyndication.com
tr.outbrain.com
upviral.s3.amazonaws.com
use.fontawesome.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.36.155
104.244.42.131
104.244.42.133
142.250.181.226
142.250.185.66
146.75.116.157
151.101.128.84
151.101.194.49
185.89.210.153
2001:4860:4802:32::36
213.202.235.9
216.58.212.130
23.35.237.86
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:ff6
2606:4700::6812:18ad
2606:4700:e2::ac40:8c0d
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c07::9c
2a02:26f0:3500:89a::1931
2a02:6b8::1:119
2a02:6b8::346
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3605:eb6f:23c5:ac95:b36f
3.124.81.102
35.167.136.136
35.71.131.137
37.157.3.20
52.217.85.140
70.42.32.63
00bce56b976760b812f6f909a5498f2b1fa14388ce32e066631e813d02753d0d
06147e458cd63785f841d0c92047baebedaf5cb50654f6e92e6bb9b34112a356
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c85f79ab815c2baedab98c7e1cc89991b246bacbbcfe274a7430de55fad8cb8
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0effae6e9318f8764a1fa72cb2e38de932c267a60d4894bb2677cb3381211890
0fa2ba189c6449fb988cd8f18195314b5f517d0e9e0161d014847a7acc77a506
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1ca40f63a4e030a057ba5425969b6dd11f7ae21d20f9e475e86eaa554945252b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dfca00625aa6851852678e650330f64a22c0c947114e0559c649a1007b3f84e
20c17d91b63f9d106e85125afcb7cd5144580e1bde142195c86aa03b370df2ca
22c5ca16633922b0e6f6a28992eaf9d40299914bc5d671d3260bce4e5051e4a5
2322f71da4bdd74f6a5d3ab775480f47c721378bee93d91c3afecbc5f4a9915d
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
350339b82122dba7f8bbff0f5fcd92a339a58f490d43a881dd1329787dfceb13
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38593726df1dd64f316510e2129228d002bc68707fb4571c271779baba0eab69
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b43adc4bb1104e13a1e0644c0aedbc64a57b7fca1ecfcc67188b1957dd1c087
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459bd3167967811c980365e8e11027411ebdd4a8f6f693e55188d7edd46dc6e5
4abd9bf30a97b124e59abd9d0c553eb55a40caca312ea0340f2a5a1b327ca601
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
528e4ff857e86d2d05a07f463a96ef00d7b2813b4d6ea389cdbd284d929006f9
5318ae462cc3126ca995e4cc3c5a1b516095525b5e28a66139c4c4668e4bc903
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59d0da7354bfa46fdf9f49b95c0eefb1965b58746e40c08cd3651c96793dc4ae
615634720325377624eb3e7eb0b9c3f7480594a0115b38c3c164a745e6f40132
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624f4a1b9ad8eac26eafb106b22c9737a38b21f31212b3bec6aaa727c1bdebc2
62a1d3bbcff0cdf4128f19252cb3e463ca1c749c7e5fae067450443a3977dbf0
6a1d51d0e8e557b18e2be8bb3fbbd54c43840fd194b41d54178b78b154812ee8
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
784f2a13a5f055daee0754666d63759369827ab9b97f9e15301165d9a6efb07d
79f232f919992a52ae9b554ed1bf83702a2eca387a0aceefc9645941f031784f
7b5ad8e2c9632e9aca635faf94aaa92987c64a7976400204f7c51de5cc827e98
7df4ad4c074a08da990fb11d3a0ef15eeed691e2791acc040342e0a79ea06370
7e8d478ecc93407b86c93ff477e0f919383e9f1d254aa0480060c5a83a8fa035
823bf47febaca2c2aa0227b998dc655e7f052d68a2cd24a9b491bfc478dc0383
84dcc96a95b39eadf25bc0fcaf5cb813b8ba9e4987d87093236bc8f0bbb3908b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d8cf0e0ca0e443b4014515371dd148cc78c0748836b4a7d10b4a32de2c53b4
8a7373563ba5e7d84d3d49373f07fe75c818c20c5f2caa19383d2d2fb3576daa
8b4c6ab47b758b82496116b4f9134056ddc34085a56c27e9971e74457b502979
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90238de78f9a840f13f19cb31f4fe396f856438f7bfb57ceaf426509eb9887c0
979347b39ebaf9eec608ca41280a1a0624b506ad3e4d4697f1ad1ba6c2f0c2c6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab0b10103378e67d197c4f5406300b7e70c34aeeb257599ea798edbd1344110
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a68300f0062dc6f56cae68897de0bc1e39aad39180e0ccff54e34e81c61ad78b
aaeb1f50fad6434eebac6c0506c0c39ea69398aad07dd3173e10f0eecd05e3ce
ab2f5f050246366d63f818bdec903e82e51ef79a9af5452a9c57d5c6b794c00e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada13717fb593f726da54a569e280418d76e11f8761c63e4386521ce7e6dad23
b101a089f7e41dcb9fb895a890ea7b6ce148c2de2a9d64a1550e35fa298de96d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3366ef4d5f7afb5d9151de6d10b1d67d9c8d0d8913a12456535f03a8eac1984
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b9c47ca5d29e153adce3f0017c4f3179f93d38e6758e863b20508c3b2ebd2311
bac7ff0eae75845f9da98a78f599c08dfcb9b0f7c4879f15522e4f00588e5dbc
bcd0fd6f3738e445f4aafd34e56da8bd8cb272fb41c21f7c651a2e579d43f3c5
bffebaa12d83062af2def4d2f8e5127346c1f766c4cd27ee0a10249a95df0c82
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
cbcbcaf658dde72ef89e91ab99d3de9e45a18e815a934640ff67e4f7d2949974
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3c9f9fbd649d05a1fd08247b3cb102ca54fb47d153b59b1f4666f1ab3f9edd7
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7001f8e450724509b1585956a413caf660e3e48552578130debeba2db647783
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10
dac100278642e28a822fc025295a1cf4969ba1e7a9a1a196b9f2a000d5723aee
dd0154daba4727f3fbaca0b516c3dcf564414305146a311aeacd78829f4e7812
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e05fc6c23d575819d8d853f9a2f5cb1beca50b14f3c975770102d589a5eedf92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dc7ec907bc0432885702c6d8f0a0a44b248b2c26dab3ca8d3fbaa38753021d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec258beba0f4f51e5d88bb4d64ee01e6cb0d5c518e327cb2e39c665a934c575c
ed176a96b9020f83f4a04e8a97a80637aaebb95d3a80dd6abb8a5662344779e7
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ed965c6c2b8739e597edde025ae4876570759c50f10e8694c44a1299b2b1a6cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f83e386df031cade263caabcb055c46a6d731b64fccd6ba9205d1845942631
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fcf1e459ad93231b5a61cd092a60e6d0fccf8e11338b0fe28b7fc260ec7b86b5

giveaway.eventnerdz.com Open in urlscan Pro 35.167.136.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

92 %HTTPS

57 %IPv6

35 Domains

45 Subdomains

39 IPs

7 Countries

3739 kBTransfer

7765 kBSize

52 Cookies

0 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

giveaway.eventnerdz.com Open in urlscan Pro
35.167.136.136 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

92 %
HTTPS

57 %
IPv6

35
Domains

45
Subdomains

39
IPs

7
Countries

3739 kB
Transfer

7765 kB
Size

52
Cookies

143 HTTP transactions
1 data transactions