Submitted URL: http://giveawaygplaygiftcard.xyz/
Effective URL: http://www.giveawaygplaygiftcard.xyz/
Submission: On November 30 via manual from GB

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 74.114.154.18, located in Canada and belongs to AUTOMATTIC, US. The main domain is www.giveawaygplaygiftcard.xyz.
This is the only time www.giveawaygplaygiftcard.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.6.44.4 2635 (AUTOMATTIC)
2 74.114.154.18 2635 (AUTOMATTIC)
10 192.0.77.40 2635 (AUTOMATTIC)
19 19 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.3 2635 (AUTOMATTIC)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 152.199.21.147 15133 (EDGECAST)
3 192.0.76.3 2635 (AUTOMATTIC)
31 10
Domain Requested by
19 docs.google.com 19 redirects
10 assets.tumblr.com www.giveawaygplaygiftcard.xyz
assets.tumblr.com
3 pixel.wp.com www.giveawaygplaygiftcard.xyz
2 px.srvcs.tumblr.com www.giveawaygplaygiftcard.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 doc-00-60-docs.googleusercontent.com 1 redirects doc-0o-70-docs.googleusercontent.com
2 doc-0c-60-docs.googleusercontent.com 1 redirects www.giveawaygplaygiftcard.xyz
2 doc-04-60-docs.googleusercontent.com 1 redirects www.giveawaygplaygiftcard.xyz
2 www.giveawaygplaygiftcard.xyz assets.tumblr.com
1 www.tumblr.com assets.tumblr.com
1 yotefiles.com www.giveawaygplaygiftcard.xyz
1 bit.ly 1 redirects
1 64.media.tumblr.com www.giveawaygplaygiftcard.xyz
1 doc-10-70-docs.googleusercontent.com www.giveawaygplaygiftcard.xyz
1 doc-00-70-docs.googleusercontent.com www.giveawaygplaygiftcard.xyz
1 doc-0c-70-docs.googleusercontent.com www.giveawaygplaygiftcard.xyz
1 fonts.googleapis.com www.giveawaygplaygiftcard.xyz
1 doc-0s-70-docs.googleusercontent.com www.giveawaygplaygiftcard.xyz
1 doc-0o-70-docs.googleusercontent.com www.giveawaygplaygiftcard.xyz
1 giveawaygplaygiftcard.xyz 1 redirects
31 20

This site contains links to these domains.

Domain
play.google.com

Subject | Issuer | Validity | Valid
*.tumblr.com | Sectigo RSA Domain Validation Secure Server CA | 2020-03-26 - 2022-06-28 | 2 years
*.googleusercontent.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.media.tumblr.com | Sectigo RSA Domain Validation Secure Server CA | 2020-02-10 - 2022-02-09 | 2 years
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
tumblr.com | DigiCert SHA2 Extended Validation Server CA | 2020-07-09 - 2022-04-14 | 2 years
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years

This page contains 7 frames:

Primary Page: http://www.giveawaygplaygiftcard.xyz/
Frame ID: D32A9598D93AE3F35A6C8748EEFB91D0
Requests: 22 HTTP requests in this frame

Frame: http://yotefiles.com/235993
Frame ID: 46405B5D4D94759D5487B9CDE121F8CC
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Frame ID: 645A78B8149CD6E769A59CEE16A3595E
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Frame ID: FD942761921914E8BC424AAEA4185D2B
Requests: 1 HTTP requests in this frame

Frame: https://www.tumblr.com/dashboard/iframe/consent
Frame ID: C1482B49CA3FDAB4AF6209C86B15B5B4
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Frame ID: FA5220C6369329353A6A3BC011BA9A8A
Requests: 2 HTTP requests in this frame

Frame: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Frame ID: 14F79948882B47A59F9E626E82DADCF3
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 31
HTTPS: 90 %
IPv6: 46 %
Domains: 9
Subdomains: 20
IPs: 10
Countries: 3
Transfer: 803 kB
Size: 2485 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://giveawaygplaygiftcard.xyz/ HTTP 301
    http://www.giveawaygplaygiftcard.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98 HTTP 307
  • https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Request Chain 1
  • http://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=46a7a9e1e08f1b33790dea4bb521d1c8 HTTP 307
  • https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=46a7a9e1e08f1b33790dea4bb521d1c8
Request Chain 2
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooeWxfd0lhc19GRWc&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooeWxfd0lhc19GRWc&export=download HTTP 302
  • https://doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/0B3z13d3oEHooeWxfd0lhc19GRWc?e=download
Request Chain 3
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooZi1vaFdiWW44a28&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooZi1vaFdiWW44a28&export=download HTTP 302
  • https://doc-0s-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/npe3gn6dqqsptlnumk1k8oh8tcs3qgpn/1606720125000/01356799126604706784/*/0B3z13d3oEHooZi1vaFdiWW44a28?e=download
Request Chain 5
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooTE12RlgtY1pSWE0&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooTE12RlgtY1pSWE0&export=download HTTP 302
  • https://doc-0c-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/6ucr4s66qm6uogldrtpitoi30387dpbm/1606720125000/01356799126604706784/*/0B3z13d3oEHooTE12RlgtY1pSWE0?e=download
Request Chain 6
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooUmpIbU5LUUxMaW8&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooUmpIbU5LUUxMaW8&export=download HTTP 302
  • https://doc-00-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rk5pqmj2jopmdc9vppss5hsvlh3p9988/1606720125000/01356799126604706784/*/0B3z13d3oEHooUmpIbU5LUUxMaW8?e=download
Request Chain 7
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooMGVzU2pyQ3k0bVE&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooMGVzU2pyQ3k0bVE&export=download HTTP 302
  • https://doc-10-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rp6nofaatadt3t4n36un9hcqp2d9lkka/1606720125000/01356799126604706784/*/0B3z13d3oEHooMGVzU2pyQ3k0bVE?e=download
Request Chain 8
  • http://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd HTTP 307
  • https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Request Chain 9
  • http://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3 HTTP 307
  • https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Request Chain 11
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooOERyMGpJYTRYWjQ&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooOERyMGpJYTRYWjQ&export=download HTTP 302
  • https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOERyMGpJYTRYWjQ?e=download HTTP 302
  • https://docs.google.com/nonceSigner?nonce=sah9osga36l22&continue=https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOERyMGpJYTRYWjQ?e%3Ddownload&hash=gq7dsras4q41f33gile555rmtginqveu HTTP 302
  • https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOERyMGpJYTRYWjQ?e=download&nonce=sah9osga36l22&user=04486573830884766124Z&hash=s3jllk175c5vp89pcjb7db0nep6qs0ia
Request Chain 12
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooV0pISHpENmp2NjQ&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooV0pISHpENmp2NjQ&export=download HTTP 302
  • https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0pISHpENmp2NjQ?e=download HTTP 302
  • https://docs.google.com/nonceSigner?nonce=04khend5hc12e&continue=https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0pISHpENmp2NjQ?e%3Ddownload&hash=ggv3cc3kepm4suo7b263fdbnq64l9pmt HTTP 302
  • https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0pISHpENmp2NjQ?e=download&nonce=04khend5hc12e&user=04486573830884766124Z&hash=0i9jr1j5ac2kdv10i0ehascsggg77rde
Request Chain 13
  • http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4 HTTP 307
  • https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Request Chain 14
  • https://bit.ly/1L0oO0d HTTP 301
  • http://yotefiles.com/235993
Request Chain 15
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooSkJIc2VYR2pweFU&export=download HTTP 302
  • https://docs.google.com/uc?id=0B3z13d3oEHooSkJIc2VYR2pweFU&export=download HTTP 302
  • https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSkJIc2VYR2pweFU?e=download HTTP 302
  • https://docs.google.com/nonceSigner?nonce=v17mp0uj5vuro&continue=https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSkJIc2VYR2pweFU?e%3Ddownload&hash=09e7f7kg327eqen9be76thqtgs0no9q7 HTTP 302
  • https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSkJIc2VYR2pweFU?e=download&nonce=v17mp0uj5vuro&user=04486573830884766124Z&hash=s6f7vs65c93l8k2sa0ed5j5itjbucc2b
Request Chain 18
  • http://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062 HTTP 307
  • https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Request Chain 22
  • http://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9 HTTP 307
  • https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Request Chain 25
  • http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4 HTTP 307
  • https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Request Chain 26
  • http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4 HTTP 307
  • https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.giveawaygplaygiftcard.xyz/
Redirect Chain
  • http://giveawaygplaygiftcard.xyz/
  • http://www.giveawaygplaygiftcard.xyz/
26 KB
9 KB
Document
General
Full URL
http://www.giveawaygplaygiftcard.xyz/
Protocol
HTTP/1.1
Server
74.114.154.18 , Canada, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
9c6b47f682ff331e09d26f26463ffe891fc013b78c82d47536076ab2a755f7de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.giveawaygplaygiftcard.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
openresty
Date
Mon, 30 Nov 2020 07:09:42 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
8331
Connection
keep-alive
Vary
Accept-Encoding X-UA-Device, Accept, Accept-Encoding
X-Rid
d8b5891f50e72502fad94fc023486c34
P3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Tumblr-User
freegplaygiftcard2019
X-Tumblr-Pixel-0
https://px.srvcs.tumblr.com/impixu?T=1606720182&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3d3dy5naXZlYXdheWdwbGF5Z2lmdGNhcmQueHl6LyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyJ9&U=DABLEPFEII&K=c35b0aa3e37f43ffa6fb7e7e2233c5928306ebbbb7680ed4d80c4194d4fb994a--https://px.srvcs.tumblr.com/impixu?T=1606720182&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly93d3cuZ2l2ZWF3YXlncGxheWdpZnRjYXJkLnh5ei8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6Ii8iLCJwb3N0cyI6W3sicG9zdGlkIjoiMTg1NTYwNTc0MjcwIiwiYmxvZ2lkIjo0NjkwNTgyMDYsInNvdXJjZSI6
X-Tumblr-Pixel-1
MzN9XX0=&U=DNFFBDEOOJ&K=f6b96c2a47a7612e9a5edc69912314c84ad2ad29dcca02241b0acd3d75e529a9
X-Tumblr-Pixel
2
Link
<https://assets.tumblr.com/images/default_avatar/sphere_closed_128.png>; rel=icon
X-UA-Compatible
IE=Edge,chrome=1
Content-Encoding
gzip
X-UA-Device
desktop
Accept-Ranges
bytes

Redirect headers

Server
openresty
Date
Mon, 30 Nov 2020 07:09:42 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Rid
64355374438fb518e0a0fa7199eb67aa
P3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Frame-Options
deny
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Cache-Control
public
Pragma
Location
http://www.giveawaygplaygiftcard.xyz/#_=_
X-UA-Compatible
IE=Edge,chrome=1
X-UA-Device
desktop
Vary
X-UA-Device, Accept
pre_tumblelog.js
assets.tumblr.com/assets/scripts/
Redirect Chain
  • http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
  • https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
3 KB
1 KB
Script
General
Full URL
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:42 GMT
content-encoding
br
last-modified
Wed, 15 Jul 2020 05:27:55 GMT
server
nginx
etag
W/"5f0e93db-c3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Non-Authoritative-Reason
HSTS
index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/
Redirect Chain
  • http://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=46a7a9e1e08f1b33790dea4bb521d1c8
  • https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=46a7a9e1e08f1b33790dea4bb521d1c8
8 KB
2 KB
Stylesheet
General
Full URL
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=46a7a9e1e08f1b33790dea4bb521d1c8
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
1b194281324b96c9ef2d8c63881d2bc983076135722fd356fa879fb9b109e68a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:42 GMT
content-encoding
br
last-modified
Wed, 15 Jul 2020 05:02:04 GMT
server
nginx
etag
W/"5f0e8dcc-21f2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=46a7a9e1e08f1b33790dea4bb521d1c8
Non-Authoritative-Reason
HSTS
0B3z13d3oEHooeWxfd0lhc19GRWc
doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooeWxfd0lhc19GRWc&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooeWxfd0lhc19GRWc&export=download
  • https://doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/0B3z13d3oEHooeWxfd0lhc19GRWc?e=down...
40 KB
40 KB
Stylesheet
General
Full URL
https://doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/0B3z13d3oEHooeWxfd0lhc19GRWc?e=download
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
054485cceb16f3cf98182985f1c69a8ce9c14d6d9ffb822c405044795c937cbf

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:43 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UwhD0rdLoUwm6lGtkTJv5LW2gIufjPh4KsT8-T5pGJB1d9NjB5KwkTU5o6S9-zoZNJXHCjZ8P5qjRF9Id4gpXQ
x-goog-hash
crc32c=X3dYWw==
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="style.css";filename*=UTF-8''style.css
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40687
expires
Mon, 30 Nov 2020 07:09:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/0B3z13d3oEHooeWxfd0lhc19GRWc?e=download
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-tX0HcxMhvPtlcgNInD3+QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
0B3z13d3oEHooZi1vaFdiWW44a28
doc-0s-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/npe3gn6dqqsptlnumk1k8oh8tcs3qgpn/1606720125000/01356799126604706784/*/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooZi1vaFdiWW44a28&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooZi1vaFdiWW44a28&export=download
  • https://doc-0s-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/npe3gn6dqqsptlnumk1k8oh8tcs3qgpn/1606720125000/01356799126604706784/*/0B3z13d3oEHooZi1vaFdiWW44a28?e=down...
3 KB
5 KB
Stylesheet
General
Full URL
https://doc-0s-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/npe3gn6dqqsptlnumk1k8oh8tcs3qgpn/1606720125000/01356799126604706784/*/0B3z13d3oEHooZi1vaFdiWW44a28?e=download
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c5de1301218dc0f7a8900bb50302a3fcb38513bfedfc1d7319f8bbcba7988005

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:43 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UzVtvZYnWERVlms2xizRgr0e8B1Un_ush_9oZVS5iyNyHWT7b5kpZ7l8nS7F5UxH9tIBw1ykyP0mpfcePKKbW6JKAILLw
x-goog-hash
crc32c=oT129Q==
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="style.responsive.css";filename*=UTF-8''style.responsive.css
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2833
expires
Mon, 30 Nov 2020 07:09:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-0s-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/npe3gn6dqqsptlnumk1k8oh8tcs3qgpn/1606720125000/01356799126604706784/*/0B3z13d3oEHooZi1vaFdiWW44a28?e=download
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-70SP6x0oii+iSG5zEFzCaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
1 KB
556 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Abel|Asap&subset=latin
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afff9fa3118afbdefca0345efb024c41eb6973b1cc12a7403533b925962c487d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 07:09:42 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Mon, 30 Nov 2020 07:09:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 30 Nov 2020 07:09:42 GMT
0B3z13d3oEHooTE12RlgtY1pSWE0
doc-0c-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/6ucr4s66qm6uogldrtpitoi30387dpbm/1606720125000/01356799126604706784/*/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooTE12RlgtY1pSWE0&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooTE12RlgtY1pSWE0&export=download
  • https://doc-0c-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/6ucr4s66qm6uogldrtpitoi30387dpbm/1606720125000/01356799126604706784/*/0B3z13d3oEHooTE12RlgtY1pSWE0?e=down...
90 KB
91 KB
Script
General
Full URL
https://doc-0c-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/6ucr4s66qm6uogldrtpitoi30387dpbm/1606720125000/01356799126604706784/*/0B3z13d3oEHooTE12RlgtY1pSWE0?e=download
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:43 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UwAyodKyiva_F2Cyavwz5tDSHZx5meHEczUn8P-2vJohro2IXV3nEHPpWGUzR1YNnJBfJGeG9jGFnc6TlYRW6571XONQw
x-goog-hash
crc32c=BMkYJQ==
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="jquery.js";filename*=UTF-8''jquery.js
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92629
expires
Mon, 30 Nov 2020 07:09:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-0c-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/6ucr4s66qm6uogldrtpitoi30387dpbm/1606720125000/01356799126604706784/*/0B3z13d3oEHooTE12RlgtY1pSWE0?e=download
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-cybN7kgwpjm/QYnGMcXZ9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
308
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
0B3z13d3oEHooUmpIbU5LUUxMaW8
doc-00-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rk5pqmj2jopmdc9vppss5hsvlh3p9988/1606720125000/01356799126604706784/*/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooUmpIbU5LUUxMaW8&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooUmpIbU5LUUxMaW8&export=download
  • https://doc-00-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rk5pqmj2jopmdc9vppss5hsvlh3p9988/1606720125000/01356799126604706784/*/0B3z13d3oEHooUmpIbU5LUUxMaW8?e=down...
35 KB
35 KB
Script
General
Full URL
https://doc-00-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rk5pqmj2jopmdc9vppss5hsvlh3p9988/1606720125000/01356799126604706784/*/0B3z13d3oEHooUmpIbU5LUUxMaW8?e=download
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ed863707315dcef101c51100d3413ec187f099ea5d690a4e57bcdf0d85fc98b3

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:43 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UwC7sUXiLSSZ9D8g8BZ1IQrs6DUDUXmhJZq3xfzM7FrrrkVjS8z-P8oGBXAi2Hd7J4mglsn1FzrL6_nma_BPmE
x-goog-hash
crc32c=atU/pQ==
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="script.js";filename*=UTF-8''script.js
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35459
expires
Mon, 30 Nov 2020 07:09:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-00-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rk5pqmj2jopmdc9vppss5hsvlh3p9988/1606720125000/01356799126604706784/*/0B3z13d3oEHooUmpIbU5LUUxMaW8?e=download
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-qI3X8plSlAlBfnbbVVIFXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
0B3z13d3oEHooMGVzU2pyQ3k0bVE
doc-10-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rp6nofaatadt3t4n36un9hcqp2d9lkka/1606720125000/01356799126604706784/*/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooMGVzU2pyQ3k0bVE&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooMGVzU2pyQ3k0bVE&export=download
  • https://doc-10-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rp6nofaatadt3t4n36un9hcqp2d9lkka/1606720125000/01356799126604706784/*/0B3z13d3oEHooMGVzU2pyQ3k0bVE?e=down...
12 KB
14 KB
Script
General
Full URL
https://doc-10-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rp6nofaatadt3t4n36un9hcqp2d9lkka/1606720125000/01356799126604706784/*/0B3z13d3oEHooMGVzU2pyQ3k0bVE?e=download
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
508a074a015f41680b761be3048ff7bc80ccc29a5e9d814825002be5514b5009

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:43 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UzxW-OOhg2YYm_fjAqvfqe7MgQ9l1qvcqeGCGRhPkTcHyruAlKW4J2A6qaJzBMWw-DMYC9QxbWCBdXjMsZodIwKLJQUYA
x-goog-hash
crc32c=0fiLmw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="script.responsive.js";filename*=UTF-8''script.responsive.js
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11817
expires
Mon, 30 Nov 2020 07:09:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-10-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/rp6nofaatadt3t4n36un9hcqp2d9lkka/1606720125000/01356799126604706784/*/0B3z13d3oEHooMGVzU2pyQ3k0bVE?e=download
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-8iYz3/mGANpPWUmOytHz4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
tumblelog_post_message_queue.js
assets.tumblr.com/assets/scripts/
Redirect Chain
  • http://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
  • https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
355 B
200 B
Script
General
Full URL
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:42 GMT
content-encoding
br
last-modified
Wed, 15 Jul 2020 05:27:55 GMT
server
nginx
etag
W/"5f0e93db-163"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Non-Authoritative-Reason
HSTS
stylesheet.css
assets.tumblr.com/fonts/gibson/
Redirect Chain
  • http://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
  • https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
2 KB
545 B
Stylesheet
General
Full URL
https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:42 GMT
content-encoding
br
last-modified
Wed, 15 Jul 2020 05:02:04 GMT
server
nginx
etag
W/"5f0e8dcc-97e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Non-Authoritative-Reason
HSTS
tumblr_pt14pwTmDM1yqqlslo1_500.png
64.media.tumblr.com/b1c2d308c720306a29adaf7d1493a5a0/
37 KB
38 KB
Image
General
Full URL
https://64.media.tumblr.com/b1c2d308c720306a29adaf7d1493a5a0/tumblr_pt14pwTmDM1yqqlslo1_500.png
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8e01c0468b3f094916df1284c41d3563fd4a3f9839b1b9821463de86322a915b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 4
content-security-policy
block-all-mixed-content
last-modified
Wed, 25 Nov 2020 17:05:07 GMT
server
nginx
x-frames
1
etag
"b1c2d308c720306a29adaf7d1493a5a0-1498089600-7b28472"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
date
Mon, 30 Nov 2020 07:09:43 GMT
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
38097
0B3z13d3oEHooOERyMGpJYTRYWjQ
doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooOERyMGpJYTRYWjQ&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooOERyMGpJYTRYWjQ&export=download
  • https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOE...
  • https://docs.google.com/nonceSigner?nonce=sah9osga36l22&continue=https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720...
  • https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOE...
11 KB
13 KB
Image
General
Full URL
https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOERyMGpJYTRYWjQ?e=download&nonce=sah9osga36l22&user=04486573830884766124Z&hash=s3jllk175c5vp89pcjb7db0nep6qs0ia
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
99eec18e696715cb0b18bfdf859a8051eb64dcecfcd1afce76403a33b742d09b

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:44 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UyIEW4yPNCigKhoW0Lc6K6UyKrB1oSPMybvhCREtwQGy0Kmmc6fX-P_pF9-JBsFj2w7V4-BdDlo_fV7ENz9cjXRdVmtBw
x-goog-hash
crc32c=DXMUVQ==
p3p
CP="This is not a P3P policy! See http://www.google.com/support/accounts/answer/151657?hl=en for more info."
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="loading.gif";filename*=UTF-8''loading.gif
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10820
expires
Mon, 30 Nov 2020 07:09:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:44 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-04-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/aoaspkke1bnovvor4t898trqafqqshh3/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooOERyMGpJYTRYWjQ?e=download&nonce=sah9osga36l22&user=04486573830884766124Z&hash=s3jllk175c5vp89pcjb7db0nep6qs0ia
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-uhiOTn2TEC6i1QwtuXqtNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentSignerHttp/cspreport;worker-src 'self', script-src 'nonce-uhiOTn2TEC6i1QwtuXqtNQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentSignerHttp/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
0B3z13d3oEHooV0pISHpENmp2NjQ
doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooV0pISHpENmp2NjQ&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooV0pISHpENmp2NjQ&export=download
  • https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0...
  • https://docs.google.com/nonceSigner?nonce=04khend5hc12e&continue=https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720...
  • https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0...
19 KB
22 KB
Image
General
Full URL
https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0pISHpENmp2NjQ?e=download&nonce=04khend5hc12e&user=04486573830884766124Z&hash=0i9jr1j5ac2kdv10i0ehascsggg77rde
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ae2d61adcbda386d64b23b5610cc0788096f6e490349c0027c550d1b0a253a38

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:44 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UyHswx-O2J4YXEyfyYSPgB0NPIarUB4kbJzZCJA4HGo2L_RSov864ArE4mWVlytUttr78vCk4Y1wSJ7MSMUSbM
x-goog-hash
crc32c=mtOAyw==
p3p
CP="This is not a P3P policy! See http://www.google.com/support/accounts/answer/151657?hl=en for more info."
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="asdasd.png";filename*=UTF-8''asdasd.png
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19375
expires
Mon, 30 Nov 2020 07:09:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:44 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-0c-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/rg5aebrnms4aa4k2qm5mjpfv005vlu7d/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooV0pISHpENmp2NjQ?e=download&nonce=04khend5hc12e&user=04486573830884766124Z&hash=0i9jr1j5ac2kdv10i0ehascsggg77rde
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-Sw+wV4HVuDMvT0G/LVsq0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentSignerHttp/cspreport;worker-src 'self', script-src 'nonce-Sw+wV4HVuDMvT0G/LVsq0Q' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentSignerHttp/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/
Redirect Chain
  • http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
  • https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
699 KB
143 KB
Script
General
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
4c83d8d79d13c0b3b39ed5df488a8ad3bdaa5e758ccd403937f9e7677340e97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:44 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 15:38:59 GMT
server
nginx
etag
W/"5fb54013-aedfc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Non-Authoritative-Reason
HSTS
Cookie set 235993
yotefiles.com/ Frame 4640
Redirect Chain
  • https://bit.ly/1L0oO0d
  • http://yotefiles.com/235993
0
0
Document
General
Full URL
http://yotefiles.com/235993
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
yotefiles.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.giveawaygplaygiftcard.xyz/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 30 Nov 2020 07:09:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d810d06b702816e9df3ae86133aa06ca81606720184; expires=Wed, 30-Dec-20 07:09:44 GMT; path=/; domain=.yotefiles.com; HttpOnly; SameSite=Lax
CF-Cache-Status
DYNAMIC
cf-request-id
06b995785c0000175212909000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FxvdLCOWphOIuLlXnyzlroxbMGFDja%2B73VCtorJ%2FTVlDYDJqOyhUwkJmz0DAGkkBCFNxPAirCyTqLyhJGrXVolwIiRN5RQSE8Q5Wk6BOnSNyQpTxGpRFK92A"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5fa2bea0987a1752-FRA
Content-Encoding
gzip

Redirect headers

server
nginx
date
Mon, 30 Nov 2020 07:09:44 GMT
content-type
text/html; charset=utf-8
content-length
114
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://yotefiles.com/235993
referrer-policy
unsafe-url
set-cookie
_bit=kau79I-c1ccd29d5912caab87-00p; Domain=bit.ly; Expires=Sat, 29 May 2021 07:09:44 GMT
via
1.1 google
alt-svc
clear
0B3z13d3oEHooSkJIc2VYR2pweFU
doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/
Redirect Chain
  • https://docs.google.com/uc?authuser=0&id=0B3z13d3oEHooSkJIc2VYR2pweFU&export=download
  • https://docs.google.com/uc?id=0B3z13d3oEHooSkJIc2VYR2pweFU&export=download
  • https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSk...
  • https://docs.google.com/nonceSigner?nonce=v17mp0uj5vuro&continue=https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720...
  • https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSk...
75 KB
77 KB
Image
General
Full URL
https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSkJIc2VYR2pweFU?e=download&nonce=v17mp0uj5vuro&user=04486573830884766124Z&hash=s6f7vs65c93l8k2sa0ed5j5itjbucc2b
Requested by
Host: doc-0o-70-docs.googleusercontent.com
URL: https://doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/0B3z13d3oEHooeWxfd0lhc19GRWc?e=download
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5666b19c6df8ec3bbeb7e7ca08fc939ecd428dc5d57ecf2fc5921ed6dbca055e

Request headers

Referer
https://doc-0o-70-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcc4e1ah4sjf62okbm7dvdrp59cq0otc/1606720125000/01356799126604706784/*/0B3z13d3oEHooeWxfd0lhc19GRWc?e=download
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:44 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, 
X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UxHoNnB5aaFfLQCZ3Mh5rSGUpxu01ZLeTp09AL9A0UV0J9KIvxkZuAcpsR7fmEYqlpgH-0VLyeSKQEW0J8IAsdz41EXIw
x-goog-hash
crc32c=zbCSsw==
p3p
CP="This is not a P3P policy! See http://www.google.com/support/accounts/answer/151657?hl=en for more info."
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="pageglare.png";filename*=UTF-8''pageglare.png
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76396
expires
Mon, 30 Nov 2020 07:09:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:44 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-00-60-docs.googleusercontent.com/docs/securesc/ic39uoasfheo587949lre5j9719bnnrs/cjeqth2ercljv1lmi2voi3rb5qi64lic/1606720125000/01356799126604706784/04486573830884766124Z/0B3z13d3oEHooSkJIc2VYR2pweFU?e=download&nonce=v17mp0uj5vuro&user=04486573830884766124Z&hash=s6f7vs65c93l8k2sa0ed5j5itjbucc2b
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-yp6d1w4RUQJURdosSkfm2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentSignerHttp/cspreport;worker-src 'self', script-src 'nonce-yp6d1w4RUQJURdosSkfm2A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentSignerHttp/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
MwQ5bhbm2POE2V9BPbh5uGM.woff2
fonts.gstatic.com/s/abel/v12/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPbh5uGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Abel|Asap&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c19752ec1d9d93821198bfebce02c7ece58b7a908c42e308dab2a41c726e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.giveawaygplaygiftcard.xyz
Referer
https://fonts.googleapis.com/css?family=Abel|Asap&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:21:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:37 GMT
server
sffe
age
330496
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9584
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:21:27 GMT
KFOoCniXp96ayzse4GZNCzc.woff2
fonts.gstatic.com/s/asap/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/asap/v13/KFOoCniXp96ayzse4GZNCzc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Abel|Asap&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fd73b7d75ef856b689964d016bfd8a5415acfbda909e252b73165842d3b088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.giveawaygplaygiftcard.xyz
Referer
https://fonts.googleapis.com/css?family=Abel|Asap&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 12:37:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:52:12 GMT
server
sffe
age
325958
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13664
x-xss-protection
0
expires
Fri, 26 Nov 2021 12:37:05 GMT
analytics.html
assets.tumblr.com/ Frame 645A
Redirect Chain
  • http://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
  • https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
0
0
Document
General
Full URL
https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload max-age=31536000; preload

Request headers

:method
GET
:authority
assets.tumblr.com
:scheme
https
:path
/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.giveawaygplaygiftcard.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

server
nginx
date
Mon, 30 Nov 2020 07:09:44 GMT
content-type
text/html; charset=utf-8
last-modified
Sat, 01 Aug 2020 05:25:08 GMT
vary
Accept-Encoding
etag
W/"5f24fcb4-1664"
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000 immutable
strict-transport-security
max-age=31536000; preload max-age=31536000; preload
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*

Redirect headers

Location
https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062#http://www.giveawaygplaygiftcard.xyz
Non-Authoritative-Reason
HSTS
impixu
px.srvcs.tumblr.com/
95 B
380 B
Image
General
Full URL
https://px.srvcs.tumblr.com/impixu?T=1606720182&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3d3dy5naXZlYXdheWdwbGF5Z2lmdGNhcmQueHl6LyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyJ9&U=OJPAGHJAFG&K=79f421ab7dea883e7b99fed6c451d6ba5766de4706a5dda1181fce59ad2197c9&R=
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.147 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:44 GMT
server
openresty
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
image/png
content-length
95
impixu
px.srvcs.tumblr.com/
95 B
201 B
Image
General
Full URL
https://px.srvcs.tumblr.com/impixu?T=1606720182&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly93d3cuZ2l2ZWF3YXlncGxheWdpZnRjYXJkLnh5ei8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6Ii8iLCJwb3N0cyI6W3sicG9zdGlkIjoiMTg1NTYwNTc0MjcwIiwiYmxvZ2lkIjo0NjkwNTgyMDYsInNvdXJjZSI6MzN9XX0=&U=HOLALJKLCN&K=3f6f99d0446fd638c276f928a56d9b379d88a925c7c931dda2a75f4d048587a5&R=
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.147 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 07:09:44 GMT
server
openresty
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
image/png
content-length
95
showads.js
www.giveawaygplaygiftcard.xyz/assets/scripts/tumblr/dashboard/
0
452 B
Script
General
Full URL
http://www.giveawaygplaygiftcard.xyz/assets/scripts/tumblr/dashboard/showads.js
Requested by
Host: assets.tumblr.com
URL: http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Protocol
HTTP/1.1
Server
74.114.154.18 , Canada, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Mon, 30 Nov 2020 07:09:44 GMT
Last-Modified
Sat, 28 Nov 2020 06:13:52 GMT
Server
openresty
ETag
"5fc1eaa0-0"
Vary
X-UA-Device, Accept
Content-Type
application/javascript; charset=utf-8
X-UA-Device
desktop
Cache-Control
max-age=315360000, public, must-revalidate, proxy-revalidate, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Thu, 31 Dec 2037 23:55:55 GMT
login_check.html
assets.tumblr.com/assets/html/iframe/ Frame FD94
Redirect Chain
  • http://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
  • https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
0
0
Document
General
Full URL
https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Requested by
Host: assets.tumblr.com
URL: http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload max-age=31536000; preload

Request headers

:method
GET
:authority
assets.tumblr.com
:scheme
https
:path
/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.giveawaygplaygiftcard.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

server
nginx
date
Mon, 30 Nov 2020 07:09:44 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 15 Jul 2020 05:27:55 GMT
vary
Accept-Encoding
etag
W/"5f0e93db-270"
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000 immutable
strict-transport-security
max-age=31536000; preload max-age=31536000; preload
timing-allow-origin
*
x-nc
HIT ams 1
access-control-allow-origin
*

Redirect headers

Location
https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Non-Authoritative-Reason
HSTS
g.gif
pixel.wp.com/
50 B
123 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=579277&_ts=1606720184492&ref=http%3A%2F%2Fwww.giveawaygplaygiftcard.xyz%2F
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:44 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
consent
www.tumblr.com/dashboard/iframe/ Frame C148
0
0
Document
General
Full URL
https://www.tumblr.com/dashboard/iframe/consent
Requested by
Host: assets.tumblr.com
URL: http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.147 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.tumblr.com
:scheme
https
:path
/dashboard/iframe/consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.giveawaygplaygiftcard.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.giveawaygplaygiftcard.xyz/

Response headers

content-encoding
br
cache-control
no-cache, must-revalidate
content-security-policy-report-only
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ https://*.quantserve.com https://*.quantcount.com https://quantcast.mgr.consensu.org 'unsafe-eval' 'nonce-aCeIJikBkWdnuKdE9U6hgLF70sI'; object-src 'none'; worker-src blob:; base-uri 'self';
content-type
text/html; charset=UTF-8
date
Mon, 30 Nov 2020 07:09:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
pragma
no-cache
referrer-policy
origin-when-cross-origin
server
openresty
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-rid
483395087193640524010407670381402562421
x-robots-tag
noindex
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ Frame FA52
Redirect Chain
  • http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
  • https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
699 KB
143 KB
Script
General
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
4c83d8d79d13c0b3b39ed5df488a8ad3bdaa5e758ccd403937f9e7677340e97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:44 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 15:38:59 GMT
server
nginx
etag
W/"5fb54013-aedfc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Non-Authoritative-Reason
HSTS
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ Frame 14F7
Redirect Chain
  • http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
  • https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
699 KB
143 KB
Script
General
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
4c83d8d79d13c0b3b39ed5df488a8ad3bdaa5e758ccd403937f9e7677340e97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:44 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 15:38:59 GMT
server
nginx
etag
W/"5fb54013-aedfc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=8e439ccd7386182faae0d4b2ba2f41f4
Non-Authoritative-Reason
HSTS
g.gif
pixel.wp.com/ Frame FA52
50 B
97 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=8042186&_ts=1606720185245&ref=http%3A%2F%2Fwww.giveawaygplaygiftcard.xyz%2F
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:45 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ Frame 14F7
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=465289&_ts=1606720185285&ref=http%3A%2F%2Fwww.giveawaygplaygiftcard.xyz%2F
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 07:09:45 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sphere_closed_64.png
assets.tumblr.com/images/default_avatar/ Frame 14F7
2 KB
2 KB
Image
General
Full URL
https://assets.tumblr.com/images/default_avatar/sphere_closed_64.png
Requested by
Host: www.giveawaygplaygiftcard.xyz
URL: http://www.giveawaygplaygiftcard.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
78b410cea2a17c8566ff5c407cef68eafe0590bb11254483a48e61ff54d1e0e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
http://www.giveawaygplaygiftcard.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 30 Nov 2020 07:09:45 GMT
last-modified
Thu, 07 May 2020 05:05:25 GMT
server
nginx
etag
"5eb39715-6a1"
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
content-length
1697
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated boolean| __pbpa string| translated_warning_string function| $ function| jQuery function| navigatorResizeHandler function| artButtonSetup function| Control function| fixRssIconLineHeight function| ThemeLightbox function| processHeaderMultipleBg object| browser function| BackgroundHelper object| responsiveDesign function| responsiveAbsBg function| responsiveImages function| responsiveVideos function| responsiveTextblocks function| responsiveSlider function| responsiveCollages function| responsiveNavigator function| responsiveSlideshow function| responsiveLayoutCell object| jQuery19106474042276839889 object| Tumblr function| startTimer string| chars number| string_length number| string_length1 number| num_chars string| result string| result1 string| result2 string| result3 string| result4 function| nx1 function| nx2 function| nx3 function| nx4 function| nx5 function| nx6 function| nx7 function| _ object| Backbone object| scrollMonitor boolean| COMSCORE

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
