urlscan.io logo urlscan.io
SecurityTrails logo

giveawayplay.blogspot.com Open in urlscan Pro
2a00:1450:4001:802::2001  Public Scan

Go To Rescan Add Verdict Report
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Submission Tags: falconsandbox
Submission: On January 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 53 HTTP transactions. The main IP is 2a00:1450:4001:802::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is giveawayplay.blogspot.com.
TLS certificate: Issued by GTS CA 1O1 on December 15th 2020. Valid for: 3 months.
This is the only time giveawayplay.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
giveawayplay.blogspot.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
themes.googleusercontent.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
14    2a00:1450:4001:818::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
www.blogblog.com
1    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
7 www.blogger.com 1 redirects giveawayplay.blogspot.com
www.blogger.com
7 1.bp.blogspot.com giveawayplay.blogspot.com
6 resources.blogblog.com giveawayplay.blogspot.com
5 pagead2.googlesyndication.com giveawayplay.blogspot.com
pagead2.googlesyndication.com
4 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
4 www.gstatic.com giveawayplay.blogspot.com
translate.googleapis.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.gstatic.com giveawayplay.blogspot.com
3 giveawayplay.blogspot.com giveawayplay.blogspot.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com giveawayplay.blogspot.com
www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.blogblog.com giveawayplay.blogspot.com
1 accounts.google.com 1 redirects
1 www.youtube.com giveawayplay.blogspot.com
1 translate.google.com giveawayplay.blogspot.com
1 themes.googleusercontent.com giveawayplay.blogspot.com
53 20
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Frame ID: E75CA2411528EC9BAF4E72F6D93956F4
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Frame ID: 22B94EB4A11A04752428F5BFC9FFFCF2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qrzCLgDplTw
Frame ID: 611F7D5A23E768D69FC2E67A2DD5CD9A
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081&bpli=1
Frame ID: F1DF3146203ED59843779A1FB0CF5ED4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-8023393897799239&output=html&h=600&adk=395283980&adf=1053305098&w=128&fwrn=4&fwrnh=100&lmt=1611156595&rafmt=1&psa=0&format=128x600&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&flash=0&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1611294412513&bpp=7&bdt=163&idt=174&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5811869234599&frm=20&pv=2&ga_vid=414796368.1611294412&ga_sid=1611294413&ga_hid=1358962245&ga_fc=0&ga_wpids=UA-178765536-1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1259&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=1116833740183588&pem=280&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CZU75HrbfW&p=https%3A//giveawayplay.blogspot.com&dtd=194
Frame ID: 8E45FABBD61FCDCAC26D3E43DA76F943
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-8023393897799239&output=html&adk=1812271804&adf=3025194257&lmt=1611156595&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&dt=1611294412629&bpp=30&bdt=279&idt=93&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=128x600&nras=1&correlator=5811869234599&frm=20&pv=1&ga_vid=414796368.1611294412&ga_sid=1611294413&ga_hid=1358962245&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=1116833740183588&pem=280&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=99
Frame ID: 254A0581E93D321B7D51A95063B17A71
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 469B1031A4ECAD0419181F4DFA8BA902
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: D1CF822076DFA4852705B7B00223A191
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

53
Requests

100 %
HTTPS

94 %
IPv6

14
Domains

20
Subdomains

17
IPs

2
Countries

1051 kB
Transfer

2132 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081 HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8261457496085984207%26postID%3D6816433781710717655%26skin%3Dessential%26blogspotRpcToken%3D5653081%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D8261457496085984207%26postID%3D6816433781710717655%26skin%3Dessential%26blogspotRpcToken%3D5653081%26bpli%3D1&passive=true&go=true HTTP 302
  • https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081&bpli=1

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request iphone12promaxgiveaway.html
giveawayplay.blogspot.com/2021/01/ 		137 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b1442c24825f7415de7f4ce7327d26fa93a8f5845c2993747e75157f63347ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
giveawayplay.blogspot.com
:scheme
https
:path
/2021/01/iphone12promaxgiveaway.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Fri, 22 Jan 2021 05:46:52 GMT
date
Fri, 22 Jan 2021 05:46:52 GMT
cache-control
private, max-age=0
last-modified
Wed, 20 Jan 2021 15:29:55 GMT
etag
W/"a896cdc351e8b28912340226c88542fa19ae7d580e6568f38b6519688297e62b"
x-robots-tag
all,noodp
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
27397
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47256
x-xss-protection
0
server
cafe
etag
10183075830532257014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Jan 2021 05:46:52 GMT
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4096
x-xss-protection
0
expires
Fri, 22 Jan 2021 05:46:52 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1640
date
Fri, 22 Jan 2021 05:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 22 Jan 2021 07:19:32 GMT
image
themes.googleusercontent.com/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themes.googleusercontent.com/image?id=1jBzZZhWmESbxpWuz4_KYI1iPRIJPfZVbhagMxWcJWDsBoLRejCvAeTWImo0USEiGpD5G&options=w1600
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
27e965e0cdcd886f70917fc645ee324a20cfc3d387406c1c2f67e771757d5c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208850
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://giveawayplay.blogspot.com
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 07:38:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
598082
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 15 Jan 2022 07:38:50 GMT
collect
www.google-analytics.com/j/ 		2 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1358962245&t=pageview&_s=1&dl=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&ul=en-us&de=UTF-8&dt=How%20To%20Get%20Free%20iPhone%2012%20Pro%20Max%20%7C%7C%20Free%20iPhone%2012%20Pro%20%7C%7C%20Giveaway%20Play&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1950742400&gjid=2100878512&cid=414796368.1611294412&tid=UA-178765536-1&_gid=1797621209.1611294412&_r=1&_slc=1&z=759830636
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://giveawayplay.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
iPhone%2B12%2BPro%2BMax%2B%25281%2529.jpg
1.bp.blogspot.com/-9Gamh0HqEQ0/YAg9zZqopMI/AAAAAAAAAeE/9p8-8bF9auQljWuovLJESSg4RFKa928oACLcBGAsYHQ/w461-h332/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-9Gamh0HqEQ0/YAg9zZqopMI/AAAAAAAAAeE/9p8-8bF9auQljWuovLJESSg4RFKa928oACLcBGAsYHQ/w461-h332/iPhone%2B12%2BPro%2BMax%2B%25281%2529.jpg
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
21e2f9e9dc13e0d072ef88e3679b8ff233c7325641030e8d24b6a732dda252f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:53 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="iPhone 12 Pro Max (1).jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21133
x-xss-protection
0
server
fife
etag
"v1e2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
Get%2Bit%2Bnow%2Bbutton.png
1.bp.blogspot.com/-VO_UZr5hLNc/X3ssiKepzTI/AAAAAAAAAMc/uhzRdoYplbItzDXy-nko1-GWtyPnBMRUQCPcBGAYYCw/w213-h48/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-VO_UZr5hLNc/X3ssiKepzTI/AAAAAAAAAMc/uhzRdoYplbItzDXy-nko1-GWtyPnBMRUQCPcBGAYYCw/w213-h48/Get%2Bit%2Bnow%2Bbutton.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c28e92e7efdb67ef885332056200fe2055a6387d6eaf44c93dbb61c7cd8ce6e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Get it now button.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9693
x-xss-protection
0
server
fife
etag
"vc7"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
12%2BPro%2BMax.png
1.bp.blogspot.com/-fNLx2AXUikY/YAhBkDWWyUI/AAAAAAAAAeY/ZRYGJGrY51sGJOewJAK1p0IdvLnaRW-GACLcBGAsYHQ/w215-h320/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-fNLx2AXUikY/YAhBkDWWyUI/AAAAAAAAAeY/ZRYGJGrY51sGJOewJAK1p0IdvLnaRW-GACLcBGAsYHQ/w215-h320/12%2BPro%2BMax.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4cbe3e908fc587b1f5769c286af205b7a82875ce6be4489857ae6ad42c6b752b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="12 Pro Max.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61320
x-xss-protection
0
server
fife
etag
"v1e7"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
Free%2BiPhone%2B12%2BPro%2BMax%2BGiveaway%2B2021.PNG
1.bp.blogspot.com/-xT7tgK2PqSo/YAhJO86HljI/AAAAAAAAAew/xw_9x_bjsDgdV3YJTiJJZbl-7MiUkhDYwCLcBGAsYHQ/w640-h402/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-xT7tgK2PqSo/YAhJO86HljI/AAAAAAAAAew/xw_9x_bjsDgdV3YJTiJJZbl-7MiUkhDYwCLcBGAsYHQ/w640-h402/Free%2BiPhone%2B12%2BPro%2BMax%2BGiveaway%2B2021.PNG
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dad5fcc2ec70a5ff056d16a97920177ee4c6958f065da0f9b22c36a416099224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Free iPhone 12 Pro Max Giveaway 2021.PNG"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142196
x-xss-protection
0
server
fife
etag
"v1ee"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
3858658042-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 04:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 17:29:39 GMT
server
sffe
age
524395
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5121
x-xss-protection
0
expires
Sun, 16 Jan 2022 04:06:57 GMT
APPLE-IPHONE-12-PRO-GIVEAWAY.jpg
1.bp.blogspot.com/--OACngqtKoA/X3LZ0b35viI/AAAAAAAAAF0/Dfnk9o3_SeMhqU5yZJ7Ay4sJ1PicGf5-wCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/--OACngqtKoA/X3LZ0b35viI/AAAAAAAAAF0/Dfnk9o3_SeMhqU5yZJ7Ay4sJ1PicGf5-wCLcBGAsYHQ/w72-h72-p-k-no-nu/APPLE-IPHONE-12-PRO-GIVEAWAY.jpg
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3b383cc6cafb3efe10fef3ae0fcc50868d1ce21e10060c4552ec1a1623eb6927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="APPLE-IPHONE-12-PRO-GIVEAWAY.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2715
x-xss-protection
0
server
fife
etag
"v5e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
win%2BSamsung%2Bs20%2BUltra.jpg
1.bp.blogspot.com/-nt0gM94ygDc/X4QTuhvMy5I/AAAAAAAAASc/4mGjbJnoTDs4sb-5zFfGSdQMMCGxvcOXgCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nt0gM94ygDc/X4QTuhvMy5I/AAAAAAAAASc/4mGjbJnoTDs4sb-5zFfGSdQMMCGxvcOXgCLcBGAsYHQ/w72-h72-p-k-no-nu/win%2BSamsung%2Bs20%2BUltra.jpg
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f622d058f8535dba2908606e15a290a061042d8501e52241500cf828ece96184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="win Samsung s20 Ultra.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3941
x-xss-protection
0
server
fife
etag
"v128"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
Netflix%2BPremium%2BAccount%2BGenerator%2B2021.jpg
1.bp.blogspot.com/-yqfZQM6KbQs/X4Cxrrdwc5I/AAAAAAAAAQs/DripslCoEB4rOu_KELlSpid_zS53sEtEQCLcBGAsYHQ/w72-h72-p-k-no-nu/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-yqfZQM6KbQs/X4Cxrrdwc5I/AAAAAAAAAQs/DripslCoEB4rOu_KELlSpid_zS53sEtEQCLcBGAsYHQ/w72-h72-p-k-no-nu/Netflix%2BPremium%2BAccount%2BGenerator%2B2021.jpg
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ffb38b09d91b60daa44c33a871643fa2ad388480729fbecd144bd9789169f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Netflix Premium Account Generator 2021.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5855
x-xss-protection
0
server
fife
etag
"v10c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Jan 2021 16:54:19 GMT
blogger-simple-blue.gif
resources.blogblog.com/html/buttons/ 		818 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/html/buttons/blogger-simple-blue.gif
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d34ce7d322f7c41361980afbec745334fe2dc0366b6fdf861ff49ac2f05117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:45:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 15:18:52 GMT
server
sffe
age
46859
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
818
x-xss-protection
0
expires
Thu, 28 Jan 2021 16:45:53 GMT
element.js
translate.google.com/translate_a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
c2f1e13a1b4d3ea0fdd909a076dcc922b53f8f2cbb354abb639130d276fcb145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1874
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
arrow_dropdown.gif
resources.blogblog.com/img/widgets/ 		141 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/widgets/arrow_dropdown.gif
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 04:20:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 15:18:52 GMT
server
sffe
age
5153
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141
x-xss-protection
0
expires
Fri, 29 Jan 2021 04:20:59 GMT
icon_feed12.png
resources.blogblog.com/img/ 		500 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon_feed12.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 21:51:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 11:24:07 GMT
server
sffe
age
28495
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
500
x-xss-protection
0
expires
Thu, 28 Jan 2021 21:51:57 GMT
subscribe-netvibes.png
resources.blogblog.com/img/widgets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/widgets/subscribe-netvibes.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 21:11:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 15:18:52 GMT
server
sffe
age
30909
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1445
x-xss-protection
0
expires
Thu, 28 Jan 2021 21:11:43 GMT
sprite_v1_6.css.svg
giveawayplay.blogspot.com/responsive/ 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://giveawayplay.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 02:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 23:14:57 GMT
server
sffe
age
97057
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2244
x-xss-protection
0
expires
Thu, 28 Jan 2021 02:49:15 GMT
subscribe-yahoo.png
resources.blogblog.com/img/widgets/ 		580 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/widgets/subscribe-yahoo.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 13:34:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jan 2021 20:32:30 GMT
server
sffe
age
144729
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
0
expires
Wed, 27 Jan 2021 13:34:43 GMT
2787984455-strm_compiled.js
resources.blogblog.com/blogblog/data/res/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/2787984455-strm_compiled.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e94315aa868666c1820b0e0f724ac85757deefd4635b0b5123c507a8cac7749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 02:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Jan 2021 01:24:37 GMT
server
sffe
age
98075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47967
x-xss-protection
0
expires
Thu, 28 Jan 2021 02:32:17 GMT
cookienotice.js
giveawayplay.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giveawayplay.blogspot.com/js/cookienotice.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 02:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 21:23:17 GMT
server
sffe
age
97057
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
expires
Thu, 28 Jan 2021 02:49:15 GMT
1617771680-widgets.js
www.blogger.com/static/v1/widgets/ 		142 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1617771680-widgets.js
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ce75791c74defe5000584113aa59e7d12cf564b712fa22a60758339c52d76ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 01:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 23:14:57 GMT
server
sffe
age
101858
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52716
x-xss-protection
0
expires
Fri, 21 Jan 2022 01:29:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://giveawayplay.blogspot.com
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:17:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
48579
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 21 Jan 2022 16:17:13 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/ 		224 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
261d6dc86d7002888cd60be2998e37ccf910233d570151dc206564ac459ffdce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
85977
x-xss-protection
0
server
cafe
etag
16085909096229427883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Jan 2021 05:46:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/ Frame 22B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210120/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 21 Jan 2021 19:41:33 GMT
expires
Thu, 04 Feb 2021 19:41:33 GMT
content-type
text/html; charset=UTF-8
etag
1252425945412704235
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
36319
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
qrzCLgDplTw
www.youtube.com/embed/ Frame 611F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/qrzCLgDplTw
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/qrzCLgDplTw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html

Response headers

x-content-type-options
nosniff
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type
text/html; charset=utf-8
date
Fri, 22 Jan 2021 05:46:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
20671
content-encoding
br
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
YSC=dkKkHT4I8GQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=rGi4hpB60_I; Domain=.youtube.com; Expires=Wed, 21-Jul-2021 05:46:52 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
comment-iframe.g
www.blogger.com/ Frame F1DF
Redirect Chain
  • https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081
  • https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8261457496085984207%26postID%3D6816433781710717655%26skin%3Dessential%26blogspotRpcToken%3D565308...
  • https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081&bpli=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081&bpli=1
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081&bpli=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 22 Jan 2021 05:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
4791
server
GSE
set-cookie
S=blogger=WGCmtxYbL2VbQ4jpdbJPoTbmuK0zyhKcUmLaix8NN9I; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type
text/html; charset=UTF-8
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 22 Jan 2021 05:46:52 GMT
location
https://www.blogger.com/comment-iframe.g?blogID=8261457496085984207&postID=6816433781710717655&skin=essential&blogspotRpcToken=5653081&bpli=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'report-sample' 'nonce-S+ZjXB5VnJqFGsFi+HZWlA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
269
server
GSE
set-cookie
__Host-GAPS=1:ncPsA4Gekg6KDRfoiAyOSKdIQkztNw:1amM1_5q4ddJDchU;Path=/;Expires=Sun, 22-Jan-2023 05:46:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://giveawayplay.blogspot.com
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 20:35:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:39 GMT
server
sffe
age
33061
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12824
x-xss-protection
0
expires
Fri, 21 Jan 2022 20:35:51 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1971
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 22 Jan 2021 06:14:01 GMT
main.js
translate.googleapis.com/translate_static/js/element/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2563
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2029
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 22 Jan 2021 06:04:09 GMT
mspin_black_large.svg
www.blogblog.com/indie/ 		6 KB
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogblog.com/indie/mspin_black_large.svg
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 21:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 21:23:17 GMT
server
sffe
age
30471
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
870
x-xss-protection
0
expires
Thu, 28 Jan 2021 21:19:01 GMT
blogger_logo_round_35.png
www.blogger.com/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:52:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 17:24:53 GMT
server
sffe
age
53678
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
expires
Thu, 28 Jan 2021 14:52:14 GMT
cookie.js
partner.googleadservices.com/gampad/ 		202 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=giveawayplay.blogspot.com&callback=_gfp_s_&client=ca-pub-8023393897799239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
b559654af019bd6deb7a2084636eb43f09ec329568149a5d2d091f9f9f665e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=giveawayplay.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=giveawayplay.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8E45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-8023393897799239&output=html&h=600&adk=395283980&adf=1053305098&w=128&fwrn=4&fwrnh=100&lmt=1611156595&rafmt=1&psa=0&format=128x600&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&flash=0&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1611294412513&bpp=7&bdt=163&idt=174&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5811869234599&frm=20&pv=2&ga_vid=414796368.1611294412&ga_sid=1611294413&ga_hid=1358962245&ga_fc=0&ga_wpids=UA-178765536-1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1259&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=1116833740183588&pem=280&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CZU75HrbfW&p=https%3A//giveawayplay.blogspot.com&dtd=194
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-8023393897799239&output=html&h=600&adk=395283980&adf=1053305098&w=128&fwrn=4&fwrnh=100&lmt=1611156595&rafmt=1&psa=0&format=128x600&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&flash=0&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1611294412513&bpp=7&bdt=163&idt=174&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5811869234599&frm=20&pv=2&ga_vid=414796368.1611294412&ga_sid=1611294413&ga_hid=1358962245&ga_fc=0&ga_wpids=UA-178765536-1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1259&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=1116833740183588&pem=280&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CZU75HrbfW&p=https%3A//giveawayplay.blogspot.com&dtd=194
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 22 Jan 2021 05:46:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 22-Jan-2021 06:01:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 22 Jan 2021 05:46:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a07d34077ea3ad5547ec3826630c724e0361194e6fd49eb4e2d55f562b9f239b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611146387330534"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28294
x-xss-protection
0
expires
Fri, 22 Jan 2021 05:46:52 GMT
element_main.js
translate.googleapis.com/element/TE_20201130_00/e/js/element/ 		243 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 01:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16370
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88693
x-xss-protection
0
last-modified
Mon, 30 Nov 2020 10:52:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jan 2022 01:14:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 05:46:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 254A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-8023393897799239&output=html&adk=1812271804&adf=3025194257&lmt=1611156595&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&dt=1611294412629&bpp=30&bdt=279&idt=93&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=128x600&nras=1&correlator=5811869234599&frm=20&pv=1&ga_vid=414796368.1611294412&ga_sid=1611294413&ga_hid=1358962245&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=1116833740183588&pem=280&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-8023393897799239&output=html&adk=1812271804&adf=3025194257&lmt=1611156595&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fgiveawayplay.blogspot.com%2F2021%2F01%2Fiphone12promaxgiveaway.html&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&dt=1611294412629&bpp=30&bdt=279&idt=93&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=128x600&nras=1&correlator=5811869234599&frm=20&pv=1&ga_vid=414796368.1611294412&ga_sid=1611294413&ga_hid=1358962245&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=1116833740183588&pem=280&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 22 Jan 2021 05:46:52 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 22-Jan-2021 06:01:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 22 Jan 2021 05:46:52 GMT
cache-control
private
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		825 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 00:04:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
20520
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Sat, 22 Jan 2022 00:04:52 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: giveawayplay.blogspot.com
URL: https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 23:38:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
194893
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
expires
Wed, 19 Jan 2022 23:38:39 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 20:20:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
33987
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Fri, 21 Jan 2022 20:20:25 GMT
l
translate.googleapis.com/translate_a/ Frame 469B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R2gLGRlAeuuI6fkQkSGpAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-R2gLGRlAeuuI6fkQkSGpAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 22 Jan 2021 05:46:52 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1617771680-widgets.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 01:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 20:05:35 GMT
server
sffe
age
447204
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6541
x-xss-protection
0
expires
Mon, 17 Jan 2022 01:33:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11699a1bc43ec0c0a55749775057ba734893392cb9aab745a16146450f5bc4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Jan 2021 05:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6705
x-xss-protection
0
3511696064-lbx.js
www.blogger.com/static/v1/jsbin/ 		376 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/3511696064-lbx.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1617771680-widgets.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab193d93282221ba56228eec970538cdc4044ef0b8e0701f2e7339b432114961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 01:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 23:14:57 GMT
server
sffe
age
101797
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123937
x-xss-protection
0
expires
Fri, 21 Jan 2022 01:30:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Fri, 22 Jan 2021 05:46:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame D1CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Fri, 22 Jan 2021 01:42:31 GMT
expires
Sat, 22 Jan 2022 01:42:31 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
14662
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210120&jk=1116833740183588&bg=!8POl87DNAAVwd1e1cDsAKQB2-DxaNP-bNJCNPrj4naS1LwAOV7KdSqRtGAKqU1TD3Smz31iWOUe1AgAAAFRSAAAADGgBBwoBogknB0_Ai-9XcxGVB9Eb2fdY6A1AOZui1iXEcEDnkTh1VG2Dfhm4HngDiKy8LNCOC7R8o6pkMlxV5zNlJIvEE8wYXJZ8eTvr3Mt4vpY_OwqigmlOT7TpXzPFysCf_Eb4Iu8PpsXA99ZVm2mNSlFEMGUDZDYef4nhekze9wB9nXvPl8Xats9-I18-cmOpjBJ4tVqNsr0TBnRR4CSkW_euGb39gQDhWxRN36ldMxPV5Z4O_C3ziR5_qVVrAmn66x-60BvDJOd58AvfybvFKUg7pvZTL8DbvTCD-uaBYvRtwVWYXokkGPFuJzZiBSFmpvMf_uavY8DEzKz71BZbylxwOHCWwO2Nok2qtmM2F74vmrdiA66tB8AjLCVZ8tIEHdoZVLPuqiSRT6zob8q9YmDP-tRc9TprvNhRYw26G3mgm3ZL59DjRLPuZUJNGhySvF5PdlksZ8bYAVQz9WXULeia4GdDbafT7V-dwkMs64ivfM3R4ifKP6Y7vOLQOkDK9SXAAP3y727AVe5fddFRhgRahplW7YSnjKUxC2LhDaeEIubvyhqZAdqSRpGUR76RLzcBOZP1GfRxvrqzgYMTTrUY6eoJWqwlVTe6JebnK5JX0yQ3w4oPNURVCqp50OInuuFSl2EE5I8KWPyXO0ML30HlkckdFgv8uehGkxbHspGOczpCW2uO57qxWfgwSx-6oMFXTAi_7hvLtaiIxXP7WaHd-YW4w0YLFFurvB1gCYuofHvAw0_T5L5l59cY1XRaJMULyZGAxWaQpERv9419JEyzpm_qLhAOTzq8KSs6uXBksXGH4cYAFQiiqw9xcsHUWg3Rn21knR8_Mlh6gUq45BfDlO1m4wn_vkd50KHj_Up1T1DUHpM1DyoeSz0LowIsXwpzb-t4NqNOt2yYrFOlKz1WLQqHrxCiUxVP9lk9GAGwue6SzyastitQ3zCKpc-pw6gBMuCcBEMXnjKijBL-8CRGwN8kR4viYUGHScZo65e0IjHWoiLEPnJXZsU8Rikc2ZsapJd6Q2SsYKJ4MK2vZ-oBgFuWSWPyQH-rTW6QQHF7Yt24gUXGGNKH47QOkLW0uegPFtWl_sjNktbsbQ24qwJLmaMNYWnz0L1Gt0cSjYDoN3ToMkQYaAsnCw_YZhUf-flNrJzhK32lwMIdvAnArmb59erCybnRBoK1FpBCWAI4BBY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giveawayplay.blogspot.com/2021/01/iphone12promaxgiveaway.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 05:46:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| BLOG_CMT_createIframe function| googleTranslateElementInit object| google function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_698567 object| cookieChoices object| closure_lm_81453 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| closure_lm_757335 object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
.blogger.com/ Name: S
Value: blogger=WGCmtxYbL2VbQ4jpdbJPoTbmuK0zyhKcUmLaix8NN9I
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: rGi4hpB60_I
.doubleclick.net/ Name: IDE
Value: AHWqTUldw3NhDOtBmijSrXMVCoPG4j0clYk0jSgRGnxRixro1vswyyo4GfzVkHMR
.giveawayplay.blogspot.com/ Name: _gat_blogger
Value: 1
.youtube.com/ Name: YSC
Value: dkKkHT4I8GQ
.giveawayplay.blogspot.com/ Name: _gid
Value: GA1.3.1797621209.1611294412
.giveawayplay.blogspot.com/ Name: _ga
Value: GA1.3.414796368.1611294412

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
accounts.google.com
adservice.google.com
adservice.google.de
fonts.gstatic.com
giveawayplay.blogspot.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
themes.googleusercontent.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.blogblog.com
www.blogger.com
www.google-analytics.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
216.58.212.162
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::200d
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2001
2a00:1450:4001:816::2002
2a00:1450:4001:817::2002
2a00:1450:4001:818::2009
2a00:1450:4001:819::200a
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ffb38b09d91b60daa44c33a871643fa2ad388480729fbecd144bd9789169f71
11699a1bc43ec0c0a55749775057ba734893392cb9aab745a16146450f5bc4ec
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
21e2f9e9dc13e0d072ef88e3679b8ff233c7325641030e8d24b6a732dda252f3
22d34ce7d322f7c41361980afbec745334fe2dc0366b6fdf861ff49ac2f05117
261d6dc86d7002888cd60be2998e37ccf910233d570151dc206564ac459ffdce
27e965e0cdcd886f70917fc645ee324a20cfc3d387406c1c2f67e771757d5c48
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
3b383cc6cafb3efe10fef3ae0fcc50868d1ce21e10060c4552ec1a1623eb6927
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
3ce75791c74defe5000584113aa59e7d12cf564b712fa22a60758339c52d76ae
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
4cbe3e908fc587b1f5769c286af205b7a82875ce6be4489857ae6ad42c6b752b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a07d34077ea3ad5547ec3826630c724e0361194e6fd49eb4e2d55f562b9f239b
a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff
ab193d93282221ba56228eec970538cdc4044ef0b8e0701f2e7339b432114961
b1442c24825f7415de7f4ce7327d26fa93a8f5845c2993747e75157f63347ee2
b559654af019bd6deb7a2084636eb43f09ec329568149a5d2d091f9f9f665e69
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
c28e92e7efdb67ef885332056200fe2055a6387d6eaf44c93dbb61c7cd8ce6e0
c2f1e13a1b4d3ea0fdd909a076dcc922b53f8f2cbb354abb639130d276fcb145
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
dad5fcc2ec70a5ff056d16a97920177ee4c6958f065da0f9b22c36a416099224
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e94315aa868666c1820b0e0f724ac85757deefd4635b0b5123c507a8cac7749d
f622d058f8535dba2908606e15a290a061042d8501e52241500cf828ece96184