urlscan.io logo urlscan.io
SecurityTrails logo

thinkgiveaways.com Open in urlscan Pro
2606:4700:3035::ac43:c3cf  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://worldofwarplanespromo.blogspot.com.br/
Effective URL: https://thinkgiveaways.com/?utm_source=clnfs
Submission: On October 18 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 5 countries across 22 domains to perform 86 HTTP transactions. The main IP is 2606:4700:3035::ac43:c3cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is thinkgiveaways.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time thinkgiveaways.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 172.67.175.18 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
14 104.18.8.67 13335 (CLOUDFLAR...)
12 2600:9000:236... 16509 (AMAZON-02)
1 172.66.40.77 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.2.133 54113 (FASTLY)
86 28
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
worldofwarplanespromo.blogspot.com.br
worldofwarplanespromo.blogspot.com
7    2a00:1450:4001:808::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
www.blogblog.com
4    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
4.bp.blogspot.com
1.bp.blogspot.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cleanfiles.net
1    172.67.175.18 (United States)

ASN13335 (CLOUDFLARENET, US)
widget.sharecash.org
1    2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogblog.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
16    2606:4700:3035::ac43:c3cf (United States)

ASN13335 (CLOUDFLARENET, US)
thinkgiveaways.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
4    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
14    104.18.8.67 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
user-assets.out.sh
12    2600:9000:236e:be00:19:6a95:5b80:21 (United States)

ASN16509 (AMAZON-02, US)
d36eyd5j1kt1m6.cloudfront.net
1    172.66.40.77 (United States)

ASN13335 (CLOUDFLARENET, US)
gleam.io
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
www.filepicker.io
Apex Domain
Subdomains		 Transfer
16 thinkgiveaways.com
thinkgiveaways.com
402 KB
14 out.sh
user-assets.out.sh — Cisco Umbrella Rank: 147422
3 MB
12 cloudfront.net
d36eyd5j1kt1m6.cloudfront.net
5 MB
6 blogspot.com
worldofwarplanespromo.blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 12207
4.bp.blogspot.com — Cisco Umbrella Rank: 12201
1.bp.blogspot.com — Cisco Umbrella Rank: 9487
385 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3463
onesignal.com — Cisco Umbrella Rank: 1191
83 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
180 KB
5 google.com
translate.google.com — Cisco Umbrella Rank: 1255
www.google.com — Cisco Umbrella Rank: 2
apis.google.com — Cisco Umbrella Rank: 112
153 KB
4 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 16119
blogblog.com — Cisco Umbrella Rank: 15031
www.blogblog.com — Cisco Umbrella Rank: 31689
1 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 8726
64 KB
3 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 866
fonts.googleapis.com — Cisco Umbrella Rank: 44
110 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
87 KB
1 filepicker.io
www.filepicker.io — Cisco Umbrella Rank: 20550
19 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 226
615 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 343
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
42 KB
1 gleam.io
gleam.io — Cisco Umbrella Rank: 60077
44 KB
1 gravatar.com
www.gravatar.com — Cisco Umbrella Rank: 3640
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
4 KB
1 sharecash.org
widget.sharecash.org
1 cleanfiles.net
cleanfiles.net
862 B
1 blogspot.com.br
worldofwarplanespromo.blogspot.com.br
442 B
86 22
Domain Requested by
16 thinkgiveaways.com cleanfiles.net
thinkgiveaways.com
14 user-assets.out.sh thinkgiveaways.com
12 d36eyd5j1kt1m6.cloudfront.net thinkgiveaways.com
4 www.gstatic.com translate.googleapis.com
www.google.com
4 www.blogger.com worldofwarplanespromo.blogspot.com
3 onesignal.com cdn.onesignal.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net thinkgiveaways.com
connect.facebook.net
2 cdn.onesignal.com thinkgiveaways.com
cdn.onesignal.com
2 apis.google.com thinkgiveaways.com
apis.google.com
2 translate.googleapis.com translate.googleapis.com
2 4.bp.blogspot.com worldofwarplanespromo.blogspot.com
2 resources.blogblog.com worldofwarplanespromo.blogspot.com
2 translate.google.com 1 redirects worldofwarplanespromo.blogspot.com
2 worldofwarplanespromo.blogspot.com worldofwarplanespromo.blogspot.com
1 www.filepicker.io
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com thinkgiveaways.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com thinkgiveaways.com
1 www.googletagmanager.com thinkgiveaways.com
1 gleam.io thinkgiveaways.com
1 www.gravatar.com thinkgiveaways.com
1 www.google.com thinkgiveaways.com
1 cdnjs.cloudflare.com thinkgiveaways.com
1 www.blogblog.com worldofwarplanespromo.blogspot.com
1 blogblog.com 1 redirects
1 1.bp.blogspot.com worldofwarplanespromo.blogspot.com
1 widget.sharecash.org worldofwarplanespromo.blogspot.com
1 cleanfiles.net worldofwarplanespromo.blogspot.com
1 3.bp.blogspot.com worldofwarplanespromo.blogspot.com
1 worldofwarplanespromo.blogspot.com.br 1 redirects
86 32

This site contains no links.

Subject Issuer Validity Valid
*.blogger.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.out.sh
Sectigo RSA Domain Validation Secure Server CA		 2022-02-15 -
2023-03-18		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gleam.io
Sectigo RSA Domain Validation Secure Server CA		 2022-02-20 -
2023-03-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.filepicker.io
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://thinkgiveaways.com/?utm_source=clnfs
Frame ID: 3770C06E415ACF19D714BDC86328AC1E
Requests: 86 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9BB20232844E5C00D6794104B967D8B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ThinkGiveaways - Free Giveaways, Sweepstakes & Contests

Page URL History Show full URLs

  1. http://worldofwarplanespromo.blogspot.com.br/ HTTP 302
    http://worldofwarplanespromo.blogspot.com/ Page URL
  2. https://thinkgiveaways.com/?utm_source=clnfs Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

86
Requests

87 %
HTTPS

74 %
IPv6

22
Domains

32
Subdomains

28
IPs

5
Countries

10027 kB
Transfer

12345 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://worldofwarplanespromo.blogspot.com.br/ HTTP 302
    http://worldofwarplanespromo.blogspot.com/ Page URL
  2. https://thinkgiveaways.com/?utm_source=clnfs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://worldofwarplanespromo.blogspot.com.br/ HTTP 302
  • http://worldofwarplanespromo.blogspot.com/
Request Chain 3
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 13
  • http://blogblog.com/1kt/travel/bg_black_70.png HTTP 301
  • http://www.blogblog.com/1kt/travel/bg_black_70.png

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
worldofwarplanespromo.blogspot.com/
Redirect Chain
  • http://worldofwarplanespromo.blogspot.com.br/
  • http://worldofwarplanespromo.blogspot.com/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15e4431b7e2c3e3d4ca55d7681f71f7b6268b7d2c059fefe78ef09939e72f2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
8989
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Oct 2022 07:09:32 GMT
ETag
W/"5a4ed94af7313cb4f060d680cc38559ee8ba25694832f681992c3afba40333a6"
Expires
Tue, 18 Oct 2022 07:09:32 GMT
Last-Modified
Thu, 09 Dec 2021 15:45:46 GMT
Server
GSE
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
186
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Oct 2022 07:09:32 GMT
Expires
Tue, 18 Oct 2022 07:09:32 GMT
Location
http://worldofwarplanespromo.blogspot.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 14:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 03:49:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 17 Oct 2023 14:07:02 GMT
header2.png
3.bp.blogspot.com/-43xYXzxD7nQ/U7w2pxmtvpI/AAAAAAAAAEQ/JATRDOK36DE/s1600/ 		224 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://3.bp.blogspot.com/-43xYXzxD7nQ/U7w2pxmtvpI/AAAAAAAAAEQ/JATRDOK36DE/s1600/header2.png
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:33 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"v45"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="header2.png"
Timing-Allow-Origin
*
Content-Length
249379
X-XSS-Protection
0
Expires
Wed, 19 Oct 2022 07:09:33 GMT
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
H2
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a49e040140ba61fe9797d306ad2f3126255a402cc1a62da12f0ecec13a5f2b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Oct 2022 07:09:32 GMT
X-Content-Type-Options
nosniff
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
locker.js
cleanfiles.net/js/ 		74 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cleanfiles.net/js/locker.js
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.14
Resource Hash
ad88aae5e6097a15cd6ca03ef7669aae44ec119138824946fa6143efda9cc4d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2146
X-Powered-By
PHP/5.5.9-1ubuntu4.14
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Tue, 18 Oct 2022 05:29:12 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f28XgiMj9DpF9X4hnL4Nr0d1rPP3Eztkwp3QWWHdGKNPn6XBUh4Fjic4vX%2B%2FPG1lF03PR9zHcuvHFJS44MrIHSwPzfPsmtxtxvCPQumwZ%2BNaDxIwl9fIcb%2FpiOePdWtdaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=432000
CF-RAY
75bf72f8efd49158-FRA
jsclick.php
widget.sharecash.org/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.sharecash.org/jsclick.php
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
172.67.175.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 06:29:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Oct 2022 15:52:39 GMT
server
sffe
age
348001
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 21 Oct 2022 06:29:31 GMT
download.jpg
4.bp.blogspot.com/-3rvM7jT0Ni8/U7w2Vo4bDrI/AAAAAAAAAEE/IAR3wc46xb8/s260/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.bp.blogspot.com/-3rvM7jT0Ni8/U7w2Vo4bDrI/AAAAAAAAAEE/IAR3wc46xb8/s260/download.jpg
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:33 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"v42"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="download.jpg"
Timing-Allow-Origin
*
Content-Length
6853
X-XSS-Protection
0
Expires
Wed, 19 Oct 2022 07:09:33 GMT
Wargaming.net_logo.png
4.bp.blogspot.com/-2BiHmM4Pc9I/UlrZkJyDYCI/AAAAAAAAABM/G675XnXkI0M/s1600/ 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.bp.blogspot.com/-2BiHmM4Pc9I/UlrZkJyDYCI/AAAAAAAAABM/G675XnXkI0M/s1600/Wargaming.net_logo.png
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:33 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"v14"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="Wargaming.net_logo.png"
Timing-Allow-Origin
*
Content-Length
192091
X-XSS-Protection
0
Expires
Wed, 19 Oct 2022 07:09:33 GMT
cookienotice.js
worldofwarplanespromo.blogspot.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://worldofwarplanespromo.blogspot.com/js/cookienotice.js
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Oct 2022 04:51:51 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
2026
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Tue, 25 Oct 2022 07:09:32 GMT
1583485740-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1583485740-widgets.js
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 14:07:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56805
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 10:50:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 17 Oct 2023 14:07:40 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6344285371758376726&zx=7d506954-ac05-4afa-b8ec-ae33338a25e8
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Tue, 18 Oct 2022 07:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Oct 2022 07:09:32 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
world_of_warplanes_3283.jpg
1.bp.blogspot.com/-JORb-KtZU_w/UlrZGUKr5sI/AAAAAAAAABA/BSQrnpSl9Ps/w1600/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.bp.blogspot.com/-JORb-KtZU_w/UlrZGUKr5sI/AAAAAAAAABA/BSQrnpSl9Ps/w1600/world_of_warplanes_3283.jpg
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:33 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"v11"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="world_of_warplanes_3283.jpg"
Timing-Allow-Origin
*
Content-Length
182350
X-XSS-Protection
0
Expires
Wed, 19 Oct 2022 07:09:33 GMT
bg_black_70.png
www.blogblog.com/1kt/travel/
Redirect Chain
  • http://blogblog.com/1kt/travel/bg_black_70.png
  • http://www.blogblog.com/1kt/travel/bg_black_70.png
84 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.blogblog.com/1kt/travel/bg_black_70.png
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 04:41:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13 Oct 2022 15:52:39 GMT
Server
sffe
Age
354493
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
image/png
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
84
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Fri, 21 Oct 2022 04:41:19 GMT

Redirect headers

Date
Tue, 18 Oct 2022 07:04:53 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
279
Content-Type
text/html; charset=UTF-8
Location
http://www.blogblog.com/1kt/travel/bg_black_70.png
Cache-Control
public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Content-Length
247
X-XSS-Protection
0
Expires
Tue, 18 Oct 2022 07:34:53 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.mOSBcBdBYPE.O/d=1/rs=AN8SPfr-53Rx1niReUamPrHQFD2WyiuPcA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 06:36:19 GMT
x-content-type-options
nosniff
age
1994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18724
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 23:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 18 Oct 2022 07:36:19 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.mOSBcBdBYPE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr-53Rx1niReUamPrHQFD2WyiuPcA/ 		256 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.mOSBcBdBYPE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr-53Rx1niReUamPrHQFD2WyiuPcA/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.mOSBcBdBYPE.O/d=1/rs=AN8SPfr-53Rx1niReUamPrHQFD2WyiuPcA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 18:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91730
x-xss-protection
0
last-modified
Sat, 15 Oct 2022 23:11:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 18:05:50 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6344285371758376726&zx=7d506954-ac05-4afa-b8ec-ae33338a25e8
Requested by
Host: worldofwarplanespromo.blogspot.com
URL: http://worldofwarplanespromo.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Oct 2022 07:09:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
Primary Request /
thinkgiveaways.com/ 		60 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/?utm_source=clnfs
Requested by
Host: cleanfiles.net
URL: http://cleanfiles.net/js/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45b80b940dc8c7616003128fcc56f76630f632963aa0851e15e3746295817b4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://worldofwarplanespromo.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
75bf72f9b8c79025-FRA
content-encoding
br
content-type
text/html
date
Tue, 18 Oct 2022 07:09:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6yp8SLcUSgPuFu6iSpkYXd%2BUVtJmUoxd6j07SgaEipHMrjkqD7GOEcEZF44jDUUMzSp0IFer03KFy80Dcn06jZGnSL3L5lBJiPxd8y%2BsN9JIIXUKdZGRKiyWNpfD34A0CvcyRbiSZWFz5T7uDEBRoM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
bg_black_50.png
resources.blogblog.com/blogblog/data/1kt/travel/ 		83 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/blogblog/data/1kt/travel/bg_black_50.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 03:06:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Oct 2022 19:54:34 GMT
server
sffe
age
360155
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 21 Oct 2022 03:06:58 GMT
truncated
/ Frame 9BB2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://worldofwarplanespromo.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:05:11 GMT
x-content-type-options
nosniff
age
262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 18 Oct 2023 07:05:11 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://worldofwarplanespromo.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 06:11:54 GMT
x-content-type-options
nosniff
age
3459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 18 Oct 2023 06:11:54 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 06:58:11 GMT
x-content-type-options
nosniff
age
682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 18 Oct 2023 06:58:11 GMT
log
translate.googleapis.com/element/ 		0
0
bootstrap.min.css
thinkgiveaways.com/assets/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/css/bootstrap.min.css
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"12136d-22682-5b4e0efc9a9f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBRJ4HCvI8SXUseVO5r87I84%2FPhkUj3n1N4Ii%2BLlY%2FeniLRM%2B8YlObbEGAHueFn41Lluir4PWiOTbdJggPuqdFN3g6QnRvL4K0hyLWVIEeMhadbvh%2FtVKhdtSW8Vob3GQHYTNRj3TzTyXZKTzsvoWeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75bf72fbba399be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
icons.css
thinkgiveaways.com/assets/css/ 		212 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/css/icons.css
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078e1c20d997c1d4014b6a448cc73b236d950386a86bd4098f6a94a43e932c21
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"121369-34f6e-5b4e0efd3eb23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2fdeFO998GMd%2BrkCmREQg6q%2BVzgg7zLs8A%2FifolLJiW1CIU3zV2150TF95Ec8ims4KJEqehiFEnSO5UKsPzRSs7JJVs%2F5XMYL1axzW7yRiQr5JZR%2BdYwHzefxMjTtjwhnmV5z5%2FyM8ixn7mU2MIhnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75bf72fbba169be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
style.css
thinkgiveaways.com/assets/css/ 		60 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/css/style.css
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab810e710f76b28610e7915938e272e88565a9cd4867d09a4268e985259bf91
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"12136b-efaf-5b4e0efd031f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkmExGmWJO%2BVh88Mk3xGrhmUL3S%2FcOqK3s0JoTp2c3LcH9JA0aAtz%2Ftp2RQ6YSkURTw7oCOZBQ4r4mBDTog8fdpBRvxmHH0k4U2cuhIVTJiAe3HY4470oAyGnINd7swpj71B7yC9RDhZ7UB8tJVV%2By8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75bf72fbba189be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15361896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3541
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-e283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWlWh%2BhzbUUv5jXcEx4ikCvf%2F6B8f%2BH9iwbGx8gS7eWrd8gGQq3KUwc2aD0IAJ6pMxG9IpMAggm7BUBchvP%2Fp8x5vvFhAy2Dz9qhv%2FgT4OSrGXXtjV21HOnkJ24etKoO9kRE%2BP86YOx8tEWDAd6wF4eb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75bf72fbc93990ba-FRA
expires
Sun, 08 Oct 2023 07:09:33 GMT
jquery.min.js
thinkgiveaways.com/assets/js/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/jquery.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213ba-14e4a-5b4e0efb6cd81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03uMECFCVrWT3wqnfhb%2BY%2B67wxRZPzF5PZlru%2Bsq8wVjEenOroB%2F3e%2BkxqCpvqFSDYsJ4peu6imqjEUvOCEYVDpPcVEQhF4vZVznRGUI54QY6xnpBfdImE97FX%2F9b0hmUDdVNjZdg41DPXUCBVtoOBs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba229be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
popper.min.js
thinkgiveaways.com/assets/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/popper.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213bd-4a59-5b4e0efad5777"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skF4jxQ91yg9kNWwIw0FUrqeltwJUIgjAwOTTnEegyzbJtqAP1f17ARZtgBmo74OCzA7D%2FQEqwUWfz0JMGQ%2FjjgLx5yAuQFOKY6%2BnDZqgy2dZRlqzs0av%2B6EZjy3dG2BZB14Bil6XWlpI1E0dqnzhHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba249be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
bootstrap.min.js
thinkgiveaways.com/assets/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/bootstrap.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213c0-c62b-5b4e0efb99c4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpPe9tjdcwpuY7TQFzlNlfj%2FNkm%2FqpXlbpHiMfjoOZMh1IdSnM1bNOFGfd%2F1N%2FuBlIJAxDYnkADte1D%2B%2BxMlfkmjcw2o27mH%2B41IPR3zWK1C5xMm3KY9Y6qFfpx9gjJeRUyL3fa3z7YbEazLCDYiSK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba289be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
modernizr.min.js
thinkgiveaways.com/assets/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/modernizr.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213c3-2b4c-5b4e0efb12fe8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xqc18%2FkMG%2B%2BysfIqniw%2BkCrmisLGr1ZQ2qoKopgseYZkUoRg0%2B8RsieCxXMPzlgW5fWapHE1LN0Rt8OpWiqfO5QnhvP8Ay8PM60jdoYrJCu0qy%2FXg2RIdofnl6j07jNtsLmjdgNLC82Tqx7tSXS%2B4QY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba2c9be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
waves.js
thinkgiveaways.com/assets/js/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/waves.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d7ceeece5addab399ec43c713970ae5935ac3c1053b0bca98cabd67a24078c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213c1-10e8f-5b4e0efbb80b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBBDBnp475JXRQGJAYucE2JJuAcoZE2%2FuY4ngNyBxdWukvHZp4bkg5r9w9n0YvmeU5MRr2UFQkKtxGY3RDrbtjqdBeeE8EAd2BakhRk%2FdmeBns0s2vsjzqP9FxvFjq16Hl2avi%2BSjWRqEN5luNeF97Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba2d9be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.slimscroll.js
thinkgiveaways.com/assets/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/jquery.slimscroll.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a63e1eafdf9a9413e8fe8cd5545816c6d60df8402d7cc8a578ef65272edee2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213c2-355b-5b4e0efbe3fe2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40%2BaHptkvS5REsHTAMi%2FUtwUn1O1HcLpSaKQYzQ3iEWCOgRWrjjKJfR7IYMCIx6wYe7IEKM5e1Poetmq3rarWw5cU3T%2BJ2ButTwNMjkDxqioLRmqns2tv1pTRXG20DSg48rHfJch9J7H789tiaufbHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba329be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.nicescroll.js
thinkgiveaways.com/assets/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/jquery.nicescroll.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf74a158de705b69d257c2dd77a67b240950ff88dd563b0e8455126b404b6221
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213b9-e7e4-5b4e0efab82af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHUFB2rQP2GFkRWPiMu9YeDF8ryvVmnVVVVqwsDND4yKaiM5fSc%2BWbx%2Frs7TTba%2FWgAFoLaYC0gx0IVgMPgiNHc4LzybobbnkARRTKRLwHYY6Rkbed15zjjU5ghZCYBEhLUaKy9t%2Bsy9Lu7WwaL9cQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba339be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.scrollTo.min.js
thinkgiveaways.com/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/jquery.scrollTo.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a62ad2a11276742a4b001cd188ebdbffb245af584262fd7950ce3b0b0c11601
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213be-982-5b4e0efb304b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fUpnRyTipsYrI3eXn6H0zNU5PjRlQvO7zELbXLX2dTdFOvNDqxzGthFZthUrZj1YShkqnlIkoNC80Bi6vGfdBPME8Ym3SR7oiVuxsaGv045LPtK7D7lefrcjN%2BP%2FfmSxqH%2BqlaMerifn7lvtC%2Fl5Qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba369be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.countdown.min.js
thinkgiveaways.com/assets/plugins/jquery-countdown/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/plugins/jquery-countdown/jquery.countdown.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:27:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"121af5-14db-5b4e0fbdb9884"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0N2BY6vHvVmq8TLBqe%2BzZRXw%2F7FiTNKGZlpgW%2BDqMSrMNdZ8wqmJpG4bnVavbM5R5zoxDQBWXSgKuE%2BZH6munEHYzTxn7mXe0ZYgRvRXDaz9QJYbrh1fV00HyPTEcudBcBytZ08BgMEHb5ULh3OyaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fbba379be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Tue, 18 Oct 2022 07:09:33 GMT
client:platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js?onload=start
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36465a11a128fbca02f2178f46002491c0dc2b6a1ae9e5c99d02b9a94571102d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 07:09:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20362
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"a671a67b9a38a2f2"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 07:09:33 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2490
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
75bf72fcaa706949-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 07:09:33 GMT
4e96895a6e89a52a6eb7abc53608de17
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/4e96895a6e89a52a6eb7abc53608de17
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
991b89e27049fdb8d2db1c46db95b9809e5f5a7d2afc3377634144cfea680f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 18 Oct 2022 07:09:33 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="4e96895a6e89a52a6eb7abc53608de17.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/4e96895a6e89a52a6eb7abc53608de17>; rel="canonical"
content-length
2637
expires
Tue, 18 Oct 2022 07:14:33 GMT
iphone-13-pro-max-giveaway-2021-2022.jpg
user-assets.out.sh/user-assets/201223/qGVsA4hmRZeoMV3m/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/201223/qGVsA4hmRZeoMV3m/iphone-13-pro-max-giveaway-2021-2022.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45cf51e69130a68badacb8079f121ce71e6d756be8f774fa329ff540ef5fa8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
jsGwlons3p0lTqLfy7JmLjjI.IeWf3vO
cf-cache-status
HIT
x-amz-request-id
NM9TF7G3VWTZ5SBJ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40879
x-amz-id-2
AbsO/DIPl8TkaOyPwrOHy6A1DghWtblBRDET7ZZcUD5Ag2ypy3Qi3+xAvRGovFXcnVLzgjCa4vk=
last-modified
Tue, 19 Oct 2021 19:52:47 GMT
server
cloudflare
etag
"6ffaa18ed801da3dac04779f28608bb9"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b75994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
nintendo-joy-con---d.png
user-assets.out.sh/user-assets/1468527/qwDONIRlDaaIGoEo/ 		395 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1468527/qwDONIRlDaaIGoEo/nintendo-joy-con---d.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a676d1e515f604fa21ab8244ec0bf21045447223d3d57a29f9b50564a4ebea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
cFkT5SXV9mUiyBceHI3oKr3a2OW0seq5
cf-cache-status
HIT
x-amz-request-id
TNP6JT30AYYF0PT7
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
403968
x-amz-id-2
Nf25CibIKe5utPkLIXBvRs3n4V1WnX1iebpnZMoIkdAlG5lAkzzCSLoR63LKZuKgxpNARphQvaQ=
last-modified
Sat, 21 May 2022 01:02:05 GMT
server
cloudflare
etag
"a7cbd0ef5274094521f8ba91b533e50e"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b79994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
ring-stick-up-cam---d.png
user-assets.out.sh/user-assets/1468527/rIz3PDixBoUTPT4N/ 		415 KB
416 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1468527/rIz3PDixBoUTPT4N/ring-stick-up-cam---d.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c519280213fb9b033ba4484899e648532be2f42e0fdcff2508efc8a029559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
ridDQQymSO7lU2YX_.A4T3OdY0xq7YSu
cf-cache-status
HIT
x-amz-request-id
NTHA49C0DQWRFW6C
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
424998
x-amz-id-2
MpQSP8LeIvk21RZqCgA7SIaVtXvX3USWkYGk3TEjuNJLXq+g6Kws2Mk+9wCMdv0/1F0HcbR1Fzc=
last-modified
Sat, 21 May 2022 01:31:12 GMT
server
cloudflare
etag
"2c46e695cf428be040116ca021c58df7"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b7b994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
apple-watch-series-7-giveaway.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/201223/2lG198uN4TmrwqU6/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/201223/2lG198uN4TmrwqU6/apple-watch-series-7-giveaway.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a67b66af1dd4d8b246925ec83036507023fd7f6093b72d8c403357319da5536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
ejd2YqTWgkxq4fagn9gbL0UsVrpkMdcs
date
Mon, 17 Oct 2022 07:11:08 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 20:17:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
86306
x-amz-server-side-encryption
AES256
etag
"7f96a1e81566bcfcef499645eb0574fb"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
89800
x-amz-cf-id
z5F02kxfYR_rvNu3ls555VERBP8zkAEEvyWqqKCzM-XJeD-48mbUmw==
giveaway-share-image-fb-post-sized.png
d36eyd5j1kt1m6.cloudfront.net/user-assets/1452991/AH5cuonDkxPoCSVo/ 		657 KB
658 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1452991/AH5cuonDkxPoCSVo/giveaway-share-image-fb-post-sized.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47821ab65d0f98c7daebedece30bdca06e610c213eaabd45cf37a0e832b71c1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
UBDwYj9Cg454eVq730aXGUojkx0t7tNH
date
Mon, 17 Oct 2022 07:11:08 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Thu, 17 Oct 2019 14:41:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
86306
etag
"31147833b32e8412ca3f313f119cf225"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
672519
x-amz-cf-id
06RSavFKG2OfU0zgxiIdSqFyYqJ7RLbGCiarKR7CcpSel0SL7Co7VA==
elden-ring-ga.jpg
user-assets.out.sh/user-assets/1690972/Ck6iOnGsypFJXti0/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1690972/Ck6iOnGsypFJXti0/elden-ring-ga.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c9263f89ff67cd96c5740e02010f519df6cd6ab20d3ffba51e9ee43273d7f7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
jta8u_Utfwswlu7B0THTG5KsLpNEpom2
cf-cache-status
HIT
x-amz-request-id
D3W1FJ54VPDQX875
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71774
x-amz-id-2
T2/SxKsHIx9SXK73iVmAKMli8aYBxKsb08aAk+rKjglCjTf/N2ZlW1dyCeLCnk+BKtrBKPj5VH4=
last-modified
Sat, 26 Feb 2022 03:27:44 GMT
server
cloudflare
etag
"db04b6d534dc47275e49fda0d1bd94e5"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b88994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
apple-watch-series-7-giveaway.jpg
user-assets.out.sh/user-assets/201223/fN9gL1ivXyu2pVk4/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/201223/fN9gL1ivXyu2pVk4/apple-watch-series-7-giveaway.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37947490e0520c2ceba996a56816822048a6abbc28de3659d62915b9355df01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
e.aE87JKrn1o4bmuROzJx5I8HhtYJrTq
cf-cache-status
HIT
x-amz-request-id
A4DCSMKYN3PYC406
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78846
x-amz-id-2
9bJy0FoGjuLHIUc0zfhKY68tQ3CiGqlyW2T6FdyNZf5q4VhBz77AMSMMBovzCowXhdwvxXwcfcE=
last-modified
Thu, 21 Apr 2022 17:51:45 GMT
server
cloudflare
etag
"91eefd5e7a770826adf09e3d6da82d8e"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b8e994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
gaming-esport-mvp-player-instagram-post.png
user-assets.out.sh/user-assets/1918973/2ZldvzuPFCrLw5Vm/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1918973/2ZldvzuPFCrLw5Vm/gaming-esport-mvp-player-instagram-post.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0b866a56b779f8db3610145ffc7489319f49589186049df81963e88bf1133c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
IR4POgPmJe5Xe.3H4fe1RZbKaFDYjrbQ
cf-cache-status
HIT
x-amz-request-id
M3W0A9VMVWZRN9GR
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
201108
x-amz-id-2
E8uiVDzX6zhVpUm7R3JyIqu9kvU6kH5AoXtEyi51rvjbRw+Z3vUGpILpndgw31pHglCXleE0YNs=
last-modified
Mon, 18 Apr 2022 15:13:33 GMT
server
cloudflare
etag
"5d980043468c7d5746b83e0cf9c288db"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b86994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
default-giveaway-img.png
thinkgiveaways.com/assets/images/ 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thinkgiveaways.com/assets/images/default-giveaway-img.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360bdc3c437ce0f13597e564fac7207257b5dbdd3b37eb98aa54d1cdd4a0c31b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4012
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
160931
x-xss-protection
1; mode=block
last-modified
Tue, 24 Nov 2020 21:28:28 GMT
server
cloudflare
etag
"121391-274a3-5b4e0fddf8000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baPRMXOe%2BBHaq0SuCxizThmGZGJrM7MixM84DIpYS1%2BV7lvpwpScD82twH8rr6sgAplzwaEMfzuxvN05mUQllkeg%2BYT2%2Folh%2FG5RfuSmr4vRE7GgqBNsRQ4kvTbG%2BPaf4vkfTn6IcyPklLtUlUeZK0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75bf72fcbc4e9be0-FRA
win-a-free-ipad-air.jpg
user-assets.out.sh/user-assets/201223/Cjokr7NuZS2dBSsK/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/201223/Cjokr7NuZS2dBSsK/win-a-free-ipad-air.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16126a85b4c1b205a352a33215c1f742449591edf6b567c1da6efd76b12066d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
L0ZVYWRoLHsJi5j8jku3E0exSx9Qupiy
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 22:53:16 GMT
server
cloudflare
x-amz-request-id
GWYH956GMG742VB0
etag
"6103234764f607a602a0900daec04c0e"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b5e994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
131661
x-amz-id-2
ccSo0E6xUhIHtuqUlT7QU0gEMW8x2W877MWJDRcXScH85bWh6qGjbWVoVoLJuhwmhPS2F6uXsyk=
expires
Tue, 18 Oct 2022 11:09:33 GMT
artboard-82021.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/1687431/8uug1mjQuElRyaNW/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1687431/8uug1mjQuElRyaNW/artboard-82021.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fd716372b36b940a4f87459318187fb5b6156e06e14cdb2b73487ed25543602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
pOKpKVzTA2fi60pcq.VwiGldQlBJ6mFD
date
Mon, 17 Oct 2022 08:50:58 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 04:28:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
80316
x-amz-server-side-encryption
AES256
etag
"3ac108822704f327a548e75a763d3fff"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
61480
x-amz-cf-id
Q1vMPu1VbHk1RKsOFPhc63aOIOSjQmyoo4fBTf3PO2S3v9DgPIMlEg==
open-graph-win-469fa58a7e169372dbcb822e27251cb38041703fdf24fcbe317ffa48ec15b863.png
gleam.io/assets/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gleam.io/assets/open-graph-win-469fa58a7e169372dbcb822e27251cb38041703fdf24fcbe317ffa48ec15b863.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf32f04aa38c31837e91b5ee3531b55aef2b3db9801462570451a6438262d32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
81167
cf-polished
origFmt=png, origSize=59697
content-disposition
inline; filename="open-graph-win-469fa58a7e169372dbcb822e27251cb38041703fdf24fcbe317ffa48ec15b863.webp"
g-host
meepo13
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44784
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Aug 2021 16:35:16 GMT
server
cloudflare
etag
"611a93c4-e931"
vary
Accept
content-type
image/webp
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
75bf72fd4bb490af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lambo-peach-2.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/1779863/un3AMxIkFqXILg1F/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1779863/un3AMxIkFqXILg1F/lambo-peach-2.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53ed9708f8247484670a33871de9196fa4d848f2c6a3c84b974c4aaf9282c6ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
9HYajoX_VoDPsPjgxnY1iP.zTRlwVQrw
date
Mon, 17 Oct 2022 08:12:45 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Tue, 01 Jun 2021 05:30:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
82620
etag
"821d380bf2a211773a1b71e3d1d93048"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
49079
x-amz-cf-id
dcDuIisqycUybX-1HImdaTn_Bh6WOc8WM3u-u3-ENIa14SR_QlwezA==
huger_01.jpg
user-assets.out.sh/user-assets/1015088/E7Xrped6ry8Yvqmh/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1015088/E7Xrped6ry8Yvqmh/huger_01.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f29c474351fe311168ec981c134924999453a1e8694710d5541e28507904dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
N9mSjl6FpVWOmg0.Y8yrWlWOfagfUuSO
cf-cache-status
HIT
x-amz-request-id
YG3F654WC55HV7A6
age
6286
cf-polished
qual=85, origFmt=jpeg, origSize=126565
content-disposition
inline; filename="huger_01.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44190
x-amz-id-2
CaOMJvCadkE+MVyAh6VteDiIgXFHjjoKlAnNjs2JToN5UfHLxtHaSA43kIdYyGM/DjMS1olpPLs=
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 Jun 2020 19:44:37 GMT
server
cloudflare
etag
"281263cfecc0557499dd089a7c850407"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b62994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
sweepstakes2022-image-correct-size.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/211351/mfsowWznMc1lQKUi/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/211351/mfsowWznMc1lQKUi/sweepstakes2022-image-correct-size.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a07eb829d11f5f66cd6b0473d66500643f346d53fdb56c55230083d48c567c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
BOVMNaEAQUORZeKrM9B2FDiGQEdJTSd0
date
Mon, 17 Oct 2022 08:12:45 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jan 2022 04:07:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
82620
x-amz-server-side-encryption
AES256
etag
"59862c7b1e8bee39c9cc832271b102d7"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
182944
x-amz-cf-id
fwlBUwW6GXoJ2-BmNUIlzcTo0hZIBf3hIeROYq3bJpEUvDkjb1U2rw==
fx3fix.jpg
user-assets.out.sh/user-assets/1938955/WtQ4fQO4Ih5nZlpq/ 		483 KB
483 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1938955/WtQ4fQO4Ih5nZlpq/fx3fix.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ae93d843d61a530d75e5f65c295316a608f15b27f2e434eec4ec86d158356a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
sf2ZGaBL6B.DYnxZ2GZHMmWWneqN4XLt
cf-cache-status
HIT
x-amz-request-id
AZ4HYB2P7PC6ZEBD
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
494286
x-amz-id-2
+G7m7p4Xh9AaXLe/QBQGXXZjU8lDaLLcm2e2Tfd8pxV6YeOMS4HHcXSO1VrWQZO0S5iJPWeCb9M=
last-modified
Wed, 02 Mar 2022 06:36:17 GMT
server
cloudflare
etag
"b25d818b4e9ff30de84dac8650677c6a"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd2b60994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
untitled-design.png
user-assets.out.sh/user-assets/1440331/or4kVwiT9A7Cz6v7/ 		607 KB
607 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1440331/or4kVwiT9A7Cz6v7/untitled-design.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc87b273aae97d2ee47e1e8f17327f8aebc29e7832d008d06b827bf088b16c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
q_8Qhjra2ZmslMsYWG_tm5jAktJw2S5.
cf-cache-status
HIT
x-amz-request-id
17V6FWD8Q6J44PCJ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
621065
x-amz-id-2
LwwaiGJffplNNlx0tSFT/aQtbSuTrbtFCb++P3P808XVUR9+Iw/7lhh033MTxJyZLquZA8l61m4=
last-modified
Wed, 23 Mar 2022 19:42:49 GMT
server
cloudflare
etag
"5f16eca937d0c2df863a8d2aa3407e03"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd4bcd994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
untitled-design.jpg
user-assets.out.sh/user-assets/1440331/izVze0u0H7Q4HSxj/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1440331/izVze0u0H7Q4HSxj/untitled-design.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ecd2e6a9443e1ebbce06cdf548e00b7aa70a42727757b2513ffc55f6f80869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
7.uUQRNV6sWdy1YhVP0hUHbJgLb6qyeA
cf-cache-status
REVALIDATED
x-amz-request-id
ATZJ4ATVNK9Y6GSG
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
170672
x-amz-id-2
yNwt3+3GNCrnYGZZkGNda1jvK/3+u/LYse7IG3IrVu2VBKx2VdZsDMgW1wJhbA5Uo/BFAIQNp9s=
last-modified
Thu, 17 Feb 2022 15:43:54 GMT
server
cloudflare
etag
"d4eb05f273da446fc20c552e81251f97"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd4bd1994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
1201903472799440.edmcwfpl3ftequwcvrqh_height640.png
user-assets.out.sh/user-assets/1440331/YalBSydGgeIvu91s/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1440331/YalBSydGgeIvu91s/1201903472799440.edmcwfpl3ftequwcvrqh_height640.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d203152ed39d28c3b1a30ea233e73c3e4f97bca90ab4f2ece7c14017ad52b535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
CzDmJXyE.HlwBc_OYnTuwBWv4XNWe9uS
cf-cache-status
HIT
x-amz-request-id
TVD9SX9NJBHM3NWG
age
2857
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115046
x-amz-id-2
LiID4yPiC+FIAAKasWv4W7BpX0rJ5QplQx81n091fMP6pcg+Pe7qeR9hOQrGn85tQ7ONMOw3+lc=
last-modified
Wed, 02 Mar 2022 15:33:09 GMT
server
cloudflare
etag
"595bec4cad2800330947d25ac85562e8"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd4bd6994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
enter-the-amazon-gift-card-giveaway.jpg
user-assets.out.sh/user-assets/201223/2FNuFJSF2rEs9weA/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/201223/2FNuFJSF2rEs9weA/enter-the-amazon-gift-card-giveaway.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b34f4784564b217fc740867948b7223f3de266a5c1f7b2ceee1198c0d8db66d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
GJeqaH8Z438PXXOXQEcsAwmhfvFxOM8F
cf-cache-status
REVALIDATED
last-modified
Tue, 27 Jul 2021 21:15:24 GMT
server
cloudflare
x-amz-request-id
1XBB97TTSH5RTXKK
etag
"0d8e2e69a6f2cbf4f3e26ce268d9ea08"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd4bd9994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
151596
x-amz-id-2
odykjGjVX2/cw5kGeZ+33gPo5dwCvi6FpBBnjNIhGdY2jDhW5WGqdPW2Y9BH9AdSJDVigZ3eb7w=
expires
Tue, 18 Oct 2022 11:09:33 GMT
mystery-gadget.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/1350944/NzIgi8to8bafYCow/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1350944/NzIgi8to8bafYCow/mystery-gadget.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13c525f7fbcf8e94693c055f358abc6eb2c3d08f5a8708563320543c55767749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
rz7tAAjQe2bxOP29mi2upewoBYCR3hZa
date
Mon, 17 Oct 2022 08:16:20 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Wed, 20 Oct 2021 09:15:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
82430
x-amz-server-side-encryption
AES256
etag
"22d4d8803f1158e1304c0ba66172f811"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
98769
x-amz-cf-id
nCxqd7aoXYD471YvsbYew-iUQ33G8iY-3YU9m2epIG6izKjvACvfRA==
81ijksjymrl._sl1500_.jpg
user-assets.out.sh/user-assets/1578449/nAVvg3TfIAGTjNcp/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets.out.sh/user-assets/1578449/nAVvg3TfIAGTjNcp/81ijksjymrl._sl1500_.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16a6e805d3865676aacbd1c52a736b389a7ae0daa6cc5c48d20083a2a4c3ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-version-id
Pw6k_7FZgq5QtM57EpKhG7_fxlZ0WCpr
cf-cache-status
HIT
x-amz-request-id
W0H0E8KH1NS2GTWE
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117099
x-amz-id-2
dg/PM7twsxXx7nKi9QOs6QFkH7CWm434FoieTeGXIri1QMSepoPDIQnyW9NghWQQfxflAvm1oEU=
last-modified
Thu, 03 Feb 2022 04:54:38 GMT
server
cloudflare
etag
"e8942660111e0ebc3c0d73bce204a6bf"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75bf72fd4bdb994e-FRA
expires
Tue, 18 Oct 2022 11:09:33 GMT
f864fb03-6563-4603-87a0-e891f8c03f68.jpeg
d36eyd5j1kt1m6.cloudfront.net/user-assets/1499494/QCu5g5wkRQslzbgF/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1499494/QCu5g5wkRQslzbgF/f864fb03-6563-4603-87a0-e891f8c03f68.jpeg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a760ea5e970de191757b56f9ee572fb1cc07c61ee6675cb1ec60caa42767cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
yAKAlc6ZplW2SkN7HlpBNDKqWDmFXIXU
date
Mon, 17 Oct 2022 07:11:08 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Tue, 11 Feb 2020 18:17:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
86306
etag
"545fbbee9f1ec0a472426221e8614835"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1158634
x-amz-cf-id
9CIRaTzfqn5PPEKEF9vJUlYrq5RlwVCBRX1ViW0KFy_9-bgu3Hg1Kg==
ps5.gif
d36eyd5j1kt1m6.cloudfront.net/user-assets/970825/dj90nZr95K0FInJh/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/970825/dj90nZr95K0FInJh/ps5.gif
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
603b75683b3ca4a737af3ff82564f38dd5fe96c930abcbee07f8385fae36c54a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
eEKd6_SW45XRKwjiluoAz7G_nP5E4Bfx
date
Mon, 17 Oct 2022 08:50:58 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Wed, 27 May 2020 13:20:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
80316
etag
"390156949d703150e8433a548b5f049c"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
1681578
x-amz-cf-id
JGwH9_ZDAUqyQIVLgMyM4-Omh8OdXH09NowWeediQ0vMOQ_Ei_EDww==
adore-me-prize-image.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/579570/6Ri7yevfRYiaBTMa/ 		457 KB
458 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/579570/6Ri7yevfRYiaBTMa/adore-me-prize-image.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe0b6a28318f99fa0ea186e3ed6d34b44b9f75765c43c79f5a5a0f498dceb377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
LLBESEFz.Z3y3gGzUCE2PPkmY_brPGw2
date
Mon, 17 Oct 2022 07:11:08 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jun 2018 06:49:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
86306
etag
"281ca288874df2d80db5592d1c34cd56"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
468217
x-amz-cf-id
4dWOTGp95A1ZLEGN2F4siSS4jmWtdnEBMgrJUnreXq4_hMktREEBMw==
nomansskynext.png
d36eyd5j1kt1m6.cloudfront.net/user-assets/2/yh6pPxJ1G1FO6PyR/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/2/yh6pPxJ1G1FO6PyR/nomansskynext.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b9cace9e92bbc84d4017bc813b536d282943761d41f2ad3d331556f6e75e8d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
s1fhJ2rxqKpZZUP.Wv6iH51oyZad6mG5
date
Tue, 18 Oct 2022 03:04:49 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Mon, 03 Sep 2018 06:26:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
14685
etag
"ab7141165240d7f953e519dbc0681c5f"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
293444
x-amz-cf-id
4W2TuDSXyOd34MyQFO3QafjmrNKSEyjQrbM3hGt9ooq-1mNoyiDGQQ==
25anniversary_holidaygiveaway_1080x567_gleamimage_v1.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/1207282/89V4xSJZqgprECrk/ 		453 KB
454 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1207282/89V4xSJZqgprECrk/25anniversary_holidaygiveaway_1080x567_gleamimage_v1.jpg
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
949468ad4d0d5c7886e389f8d787f1796379afdf2286f9e33c8579ff28526a0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
.uvDeQDtxthlZmLicE9qciz3mLM92t8M
date
Mon, 17 Oct 2022 07:11:08 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Fri, 22 Nov 2019 01:01:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
86306
etag
"6193d917de6d825f5c1a18c2b86ebd51"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
463690
x-amz-cf-id
Dd4Bvftd14ZtcjupMjWx96FiP_8t-odzI96IKUq2ZPEwJ8Rstx_bJg==
giveaway.png
d36eyd5j1kt1m6.cloudfront.net/user-assets/453566/8CPRUH2y7ujFZrsY/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d36eyd5j1kt1m6.cloudfront.net/user-assets/453566/8CPRUH2y7ujFZrsY/giveaway.png
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:be00:19:6a95:5b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c056f09113d4241f7280bd25f9c6e8965c10338bb0309c199e4bd95888142d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
xmWkPyDNUvnRuo9ogA78ncjmheLZ1W1g
date
Mon, 17 Oct 2022 08:12:45 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Fri, 08 Feb 2019 20:11:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
82620
etag
"e9efb58eb4c8e668c06ca579c0acc706"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
308783
x-amz-cf-id
zo_jaq-6ZtnHn1C11iitGQVY8nsJDYr_TNIls-Kg8-jQrLaCsHnhwQ==
app.js
thinkgiveaways.com/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/js/app.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0953f16b49d47712d4f4dddb4d7cd0d1fabbda976ae137f7d82485928d3ad3ca
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/?utm_source=clnfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
W/"1213bc-b38-5b4e0efaf5b20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4JxF7BrxvUbz5GnHTwqGjACaVvZYNK3rFeklZzTnPIdoZFfgFYZaSv5jKn771TPnBvba8vE7yhWEjOysFJyBvwhJihI0OsOqWFJPS0BPguOlYEseuytdaoKl6zujqy3%2BiCObuvrsxEFVnIDijaQY0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75bf72fc3b419be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131470213-1
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
def478aadd4802c1ded972d1207108d9baf51dadde296cef382a629e584b43bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42481
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Oct 2022 07:09:33 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,700
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Oct 2022 07:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 05:18:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Oct 2022 07:09:33 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thinkgiveaways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:03:39 GMT
x-content-type-options
nosniff
age
468354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:03:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 21:03:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thinkgiveaways.com/
Origin
https://thinkgiveaways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 06:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 06:41:33 GMT
themify.woff
thinkgiveaways.com/assets/fonts/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thinkgiveaways.com/assets/fonts/themify.woff?-fvbane
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/assets/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c3cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thinkgiveaways.com/assets/css/icons.css
Origin
https://thinkgiveaways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 21:28:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4012
etag
"1213b1-db2c-5b4e0fc8c5d98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIwmRAeYaOm8YV1ODjdKhBEm%2Btaf65XqD68A9exDLHGIuCLa%2FLC9%2FJcLNXU2PUzB3OIluKfeoZHE3dhXfM5CXTzguEPKRUQtAekZE0otvh89UcT1pmSjFDxnV39ymUgllQ7HdXXK%2Bl%2FC%2B64R30T59c0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75bf72fcbc509be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56108
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5786a54c8d8731b27234703f336b87dfc44d2477724741166e2ef41101a396d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 07:09:33 GMT
content-md5
VEiNQDi7E0etGFfiudRqew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
Y5Z1zFSIlzCxx0s3eXgz6G1MxuDz5E8aB39Pc+8SVpEcMbPA0HsSwBksRnF5gA2qW1YgcMaZQ0L7lhorp8nLiQ==
x-fb-trip-id
686109401
x-fb-content-md5
454a3fd8f16b7b977ca17a6dd0a53057
cross-origin-opener-policy
same-origin-allow-popups
etag
"c8b0e8fdbcb2879378553f86a9dfe8a8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 07:13:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		309 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 04:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107095
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Oct 2023 04:33:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2490
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
75bf72fd58cd9110-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 07:09:33 GMT
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=49c6ac4383e6f18c23fd291d9ac30258
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69652b15fbc40c5d9baacfff4c2086231d1cc69ac9ee07c07583725482297995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thinkgiveaways.com/
Origin
https://thinkgiveaways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 07:09:33 GMT
content-md5
FlSFEpiwWz16mTD45zHthQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86956
x-fb-rlafr
0
x-fb-debug
sDmTajyFIB1vOmr+5nSWMKbet2Ry/qQzUGwxzlSw/nb/JCcasmwESiyS1JkjfxJtyDXORUM5nhqNTt+WUNrMrA==
x-fb-content-md5
d3e4ac6b75a2828fa8c6438057e7452a
cross-origin-opener-policy
same-origin-allow-popups
etag
"319ff3b197e13e773a70b4fae6502dc4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Oct 2023 05:13:08 GMT
web
onesignal.com/api/v1/sync/e3ba631b-a712-4de9-ac1d-04584310ca86/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/e3ba631b-a712-4de9-ac1d-04584310ca86/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c65a0c3fe54286f83c160e553cbb2d5e1dbcdc574c62cb182859f5dc55743e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
76b0075c-e9bf-494c-90f5-e93a17a31175
x-runtime
0.032302
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5c65a0c3fe54286f83c160e553cbb2d5"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
75bf72fe8e406949-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 18 Oct 2022 08:09:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131470213-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 07:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
454
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 18 Oct 2022 09:01:59 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1642879474&t=pageview&_s=1&dl=https%3A%2F%2Fthinkgiveaways.com%2F%3Futm_source%3Dclnfs&dr=http%3A%2F%2Fworldofwarplanespromo.blogspot.com%2F&ul=en-us&de=UTF-8&dt=ThinkGiveaways%20-%20Free%20Giveaways%2C%20Sweepstakes%20%26%20Contests&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1755731901&gjid=1735492572&cid=1162996250.1666076974&tid=UA-131470213-1&_gid=1569890823.1666076974&_r=1&gtm=2ouaa0&z=1766298219
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thinkgiveaways.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 07:09:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thinkgiveaways.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: thinkgiveaways.com
URL: https://thinkgiveaways.com/?utm_source=clnfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Tue, 18 Oct 2022 07:09:33 GMT
x-amz-request-id
C0PM5183JTHZWH2D
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
tUMDyL0WmISarV+7o1NgKgWBtYzXNe+0EnfQp9GNw/ovvN9d9fmllP8gGX8Hwu2wvGQYXP+laxM=
x-served-by
cache-hhn4021-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1666076974.972463,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13896
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2490
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
75bf72ff5c749110-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 17 Nov 2022 07:09:33 GMT
62915533ca
bam.nr-data.net/1/ 		49 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGFlZBQBIFxNRRA%3D%3D&rst=947&ck=1&ref=https://thinkgiveaways.com/&ap=40&be=347&fe=906&dc=527&perf=%7B%22timing%22:%7B%22of%22:1666076973040,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:15,%22c%22:15,%22s%22:23,%22ce%22:39,%22rq%22:39,%22rp%22:320,%22rpe%22:322,%22dl%22:328,%22di%22:527,%22ds%22:527,%22de%22:529,%22dc%22:906,%22l%22:906,%22le%22:913%7D,%22navigation%22:%7B%7D%7D&fp=515&fcp=515&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 07:09:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
75bf72ffa8859018-FRA
icon
onesignal.com/api/v1/apps/e3ba631b-a712-4de9-ac1d-04584310ca86/ 		176 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/e3ba631b-a712-4de9-ac1d-04584310ca86/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbb8aa51140cdb29ee2d819aed3d1dc1a7739028d20af4ceb36ff2d45666d14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
13
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
fcc956d2-ff10-46ea-9624-0a100c00a581
x-runtime
0.012041
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6bbb8aa51140cdb29ee2d819aed3d1dc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
75bf72ffcdb79bdd-FRA
access-control-allow-headers
SDK-Version
9qLjcYIJTrSgtiUQtlxT
www.filepicker.io/api/file/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.filepicker.io/api/file/9qLjcYIJTrSgtiUQtlxT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd13d5215c086a12f0f89220227eb14a390d5ba64e50b3829a66c27acb9d95fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thinkgiveaways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 07:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
991146
x-cache
HIT, HIT
content-disposition
inline; filename="ss2018-12-17at05.24.11.png"
content-length
18823
x-served-by
cache-iad-kjyo7100116-IAD, cache-hhn4052-HHN
last-modified
Tue, 18 Dec 2018 01:24:35 GMT
x-timer
S1666076975.671361,VS0,VE15
etag
"ac10c8cac008e2278a4e03c567906037"
x-file-name
ss2018-12-17at05.24.11.png
access-control-max-age
21600
access-control-allow-methods
DELETE, GET, HEAD, POST, PUT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-File-Name
cache-control
public, max-age=2678400
filestack-trace-id
1665085827-oNufUKhxTF
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-No-Stream
x-cache-hits
65, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
translate.googleapis.com
URL
https://translate.googleapis.com/element/log?hasfast=true&authuser=0&format=json

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require function| $ function| jQuery function| Popper object| bootstrap object| html5 object| Modernizr object| methods object| Waves function| Hammer object| NiceScroll object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| OneSignal function| fbAsyncInit function| gtag object| dataLayer object| gapi object| ___jsl object| recaptcha object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| google_tag_manager object| FB number| __oneSignalSdkLoadCount function| __jp0 object| google_tag_data string| GoogleAnalyticsObject function| ga object| __buffer object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
thinkgiveaways.com/ Name: PHPSESSID
Value: GMHuUlR7qPQX-2Vq01Uz1qy_tt22nMZXb9blmSApAVF9uxhbpqrWYvFK9TjjZAL4
thinkgiveaways.com/ Name: SERVERID
Value: web4
.gleam.io/ Name: __cf_bm
Value: E9E1nfLQhqzIooi72bIiVmmpIMt_uQQK7qQjwsbu6Z0-1666076973-0-AY0gw5wQXaKtIuPmIJaIrYXidR29+HF698EkwjqIbIwkMY0LwYhnBaCQaPbPH/TNp4bG5BuBhd8n+k+lHi1/7bw=
.thinkgiveaways.com/ Name: _ga
Value: GA1.2.1162996250.1666076974
.thinkgiveaways.com/ Name: _gid
Value: GA1.2.1569890823.1666076974
.thinkgiveaways.com/ Name: _gat_gtag_UA_131470213_1
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 4ed03638ec45942b

1 Console Messages

Source Level URL
Text
network error URL: http://widget.sharecash.org/jsclick.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
apis.google.com
bam.nr-data.net
blogblog.com
cdn.onesignal.com
cdnjs.cloudflare.com
cleanfiles.net
connect.facebook.net
d36eyd5j1kt1m6.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gleam.io
js-agent.newrelic.com
onesignal.com
resources.blogblog.com
thinkgiveaways.com
translate.google.com
translate.googleapis.com
user-assets.out.sh
widget.sharecash.org
worldofwarplanespromo.blogspot.com
worldofwarplanespromo.blogspot.com.br
www.blogblog.com
www.blogger.com
www.filepicker.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
translate.googleapis.com
104.18.8.67
151.101.2.133
151.101.2.137
162.247.241.14
172.66.40.77
172.67.175.18
188.114.97.3
2600:9000:236e:be00:19:6a95:5b80:21
2606:4700:3035::ac43:c3cf
2606:4700::6811:180e
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::200a
2a00:1450:4001:808::2009
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::2009
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
078e1c20d997c1d4014b6a448cc73b236d950386a86bd4098f6a94a43e932c21
07d7ceeece5addab399ec43c713970ae5935ac3c1053b0bca98cabd67a24078c
08ecd2e6a9443e1ebbce06cdf548e00b7aa70a42727757b2513ffc55f6f80869
0953f16b49d47712d4f4dddb4d7cd0d1fabbda976ae137f7d82485928d3ad3ca
0a676d1e515f604fa21ab8244ec0bf21045447223d3d57a29f9b50564a4ebea7
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
13c525f7fbcf8e94693c055f358abc6eb2c3d08f5a8708563320543c55767749
15e4431b7e2c3e3d4ca55d7681f71f7b6268b7d2c059fefe78ef09939e72f2a7
1b34f4784564b217fc740867948b7223f3de266a5c1f7b2ceee1198c0d8db66d
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2a760ea5e970de191757b56f9ee572fb1cc07c61ee6675cb1ec60caa42767cfd
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
360bdc3c437ce0f13597e564fac7207257b5dbdd3b37eb98aa54d1cdd4a0c31b
36465a11a128fbca02f2178f46002491c0dc2b6a1ae9e5c99d02b9a94571102d
37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496
3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794
45cf51e69130a68badacb8079f121ce71e6d756be8f774fa329ff540ef5fa8e5
47821ab65d0f98c7daebedece30bdca06e610c213eaabd45cf37a0e832b71c1e
4a49e040140ba61fe9797d306ad2f3126255a402cc1a62da12f0ecec13a5f2b9
4a62ad2a11276742a4b001cd188ebdbffb245af584262fd7950ce3b0b0c11601
4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
53ed9708f8247484670a33871de9196fa4d848f2c6a3c84b974c4aaf9282c6ed
5786a54c8d8731b27234703f336b87dfc44d2477724741166e2ef41101a396d8
5a67b66af1dd4d8b246925ec83036507023fd7f6093b72d8c403357319da5536
5c056f09113d4241f7280bd25f9c6e8965c10338bb0309c199e4bd95888142d3
5c65a0c3fe54286f83c160e553cbb2d5e1dbcdc574c62cb182859f5dc55743e9
603b75683b3ca4a737af3ff82564f38dd5fe96c930abcbee07f8385fae36c54a
69652b15fbc40c5d9baacfff4c2086231d1cc69ac9ee07c07583725482297995
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbb8aa51140cdb29ee2d819aed3d1dc1a7739028d20af4ceb36ff2d45666d14
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
71a07eb829d11f5f66cd6b0473d66500643f346d53fdb56c55230083d48c567c
7f29c474351fe311168ec981c134924999453a1e8694710d5541e28507904dc5
7fd716372b36b940a4f87459318187fb5b6156e06e14cdb2b73487ed25543602
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8c9263f89ff67cd96c5740e02010f519df6cd6ab20d3ffba51e9ee43273d7f7a
916c519280213fb9b033ba4484899e648532be2f42e0fdcff2508efc8a029559
949468ad4d0d5c7886e389f8d787f1796379afdf2286f9e33c8579ff28526a0c
991b89e27049fdb8d2db1c46db95b9809e5f5a7d2afc3377634144cfea680f70
9b9cace9e92bbc84d4017bc813b536d282943761d41f2ad3d331556f6e75e8d8
a16a6e805d3865676aacbd1c52a736b389a7ae0daa6cc5c48d20083a2a4c3ccd
a37947490e0520c2ceba996a56816822048a6abbc28de3659d62915b9355df01
acf32f04aa38c31837e91b5ee3531b55aef2b3db9801462570451a6438262d32
ad88aae5e6097a15cd6ca03ef7669aae44ec119138824946fa6143efda9cc4d7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a
bf74a158de705b69d257c2dd77a67b240950ff88dd563b0e8455126b404b6221
bfc87b273aae97d2ee47e1e8f17327f8aebc29e7832d008d06b827bf088b16c6
c45b80b940dc8c7616003128fcc56f76630f632963aa0851e15e3746295817b4
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c7a63e1eafdf9a9413e8fe8cd5545816c6d60df8402d7cc8a578ef65272edee2
c7ae93d843d61a530d75e5f65c295316a608f15b27f2e434eec4ec86d158356a
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d203152ed39d28c3b1a30ea233e73c3e4f97bca90ab4f2ece7c14017ad52b535
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
dd13d5215c086a12f0f89220227eb14a390d5ba64e50b3829a66c27acb9d95fd
def478aadd4802c1ded972d1207108d9baf51dadde296cef382a629e584b43bc
eab810e710f76b28610e7915938e272e88565a9cd4867d09a4268e985259bf91
f16126a85b4c1b205a352a33215c1f742449591edf6b567c1da6efd76b12066d
fe0b6a28318f99fa0ea186e3ed6d34b44b9f75765c43c79f5a5a0f498dceb377
ff0b866a56b779f8db3610145ffc7489319f49589186049df81963e88bf1133c