Submitted URL: http://giveawayheadquarters.com/
Effective URL: https://giveawayheadquarters.com/
Submission: On May 30 via manual from VN — Scanned from US

Summary

This website contacted 23 IPs in 3 countries across 17 domains to perform 66 HTTP transactions. The main IP is 52.3.72.218, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is giveawayheadquarters.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 9th 2024. Valid for: a year.
This is the only time giveawayheadquarters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 52.3.72.218 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.18.28.243 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 54.231.192.249 16509 (AMAZON-02)
1 4 44.198.133.147 14618 (AMAZON-AES)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 6 3.90.120.100 14618 (AMAZON-AES)
2 2600:9000:21d... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 172.67.207.183 13335 (CLOUDFLAR...)
1 34.202.232.249 14618 (AMAZON-AES)
1 18.238.55.129 16509 (AMAZON-02)
7 3.223.148.179 14618 (AMAZON-AES)
2 54.216.92.235 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.115.179 16509 (AMAZON-02)
3 2600:9000:21d... 16509 (AMAZON-02)
66 23
Apex Domain
Subdomains
Transfer
11 giveawayheadquarters.com
giveawayheadquarters.com
103 KB
8 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 26233
cdn.trustedform.com — Cisco Umbrella Rank: 31049
43 KB
7 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13668
4 KB
7 amazonaws.com
ppe-userenroll-assets.s3.amazonaws.com — Cisco Umbrella Rank: 544444
99 KB
6 twyne.io
madera.api.twyne.io
cdn.twyne.io — Cisco Umbrella Rank: 463087
253 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
34 KB
4 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
d3v6q7097edepm.cloudfront.net
7 KB
4 trk-keingent.com
trk-keingent.com — Cisco Umbrella Rank: 30822
event.trk-keingent.com — Cisco Umbrella Rank: 75059
3 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
38 KB
3 gstatic.com
fonts.gstatic.com
50 KB
2 r3engage.com
live.r3engage.com — Cisco Umbrella Rank: 227317
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
164 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
260 B
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 20871
38 KB
1 quilljs.com
cdn.quilljs.com — Cisco Umbrella Rank: 23706
4 KB
1 iconscout.com
unicons.iconscout.com — Cisco Umbrella Rank: 70576
8 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
12 KB
66 17
Domain Requested by
11 giveawayheadquarters.com giveawayheadquarters.com
cdnjs.cloudflare.com
7 create.leadid.com create.lidstatic.com
7 ppe-userenroll-assets.s3.amazonaws.com giveawayheadquarters.com
6 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
5 madera.api.twyne.io 1 redirects giveawayheadquarters.com
madera.api.twyne.io
4 cdnjs.cloudflare.com giveawayheadquarters.com
4 fonts.googleapis.com giveawayheadquarters.com
d3v6q7097edepm.cloudfront.net
3 d3v6q7097edepm.cloudfront.net giveawayheadquarters.com
3 event.trk-keingent.com trk-keingent.com
3 fonts.gstatic.com fonts.googleapis.com
2 live.r3engage.com www.googletagmanager.com
live.r3engage.com
2 cdn.trustedform.com giveawayheadquarters.com
api.trustedform.com
2 www.googletagmanager.com giveawayheadquarters.com
www.googletagmanager.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 www.google-analytics.com www.googletagmanager.com
1 cdn.twyne.io giveawayheadquarters.com
1 trk-keingent.com giveawayheadquarters.com
1 create.lidstatic.com giveawayheadquarters.com
1 ajax.googleapis.com giveawayheadquarters.com
1 cdn.quilljs.com giveawayheadquarters.com
1 unicons.iconscout.com giveawayheadquarters.com
1 use.fontawesome.com giveawayheadquarters.com
66 22

This site contains links to these domains. Also see Links.

Domain
the-solar-project.com
Subject Issuer Validity Valid
*.userenroll.com
Amazon RSA 2048 M02
2024-05-09 -
2025-06-06
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
iconscout.com
GTS CA 1P5
2024-05-14 -
2024-08-12
3 months crt.sh
cdn.quilljs.com
GTS CA 1P5
2024-04-22 -
2024-07-21
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
twyne.io
Amazon RSA 2048 M03
2023-12-15 -
2025-01-12
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
lidstatic.com
E1
2024-05-25 -
2024-08-23
3 months crt.sh
trk-keingent.com
GTS CA 1P5
2024-05-26 -
2024-08-24
3 months crt.sh
create.leadid.com
Amazon RSA 2048 M02
2023-08-21 -
2024-09-17
a year crt.sh
*.r3engage.com
Go Daddy Secure Certificate Authority - G2
2024-01-02 -
2025-01-30
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.trustedform.com
Amazon RSA 2048 M03
2023-08-11 -
2024-09-07
a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03
2024-02-13 -
2025-03-13
a year crt.sh

This page contains 3 frames:

Primary Page: https://giveawayheadquarters.com/
Frame ID: 1AB532E2185C1D8776B7D26F05731F3E
Requests: 64 HTTP requests in this frame

Frame: https://madera.api.twyne.io//aserving/tk/d361ad4ab5434168be235a5c27b6d914
Frame ID: 9EC16D33F0B95A58BE589ECD05D336FF
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=362F5840-95D2-6B39-D3C0-93090A6CD830&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Frame ID: 16E4BFB7B811FDDA5E217F0069AE4176
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

GiveawayHeadquarters

Page URL History Show full URLs

  1. http://giveawayheadquarters.com/ HTTP 307
    https://giveawayheadquarters.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

80 %
HTTPS

50 %
IPv6

17
Domains

22
Subdomains

23
IPs

3
Countries

892 kB
Transfer

2096 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://giveawayheadquarters.com/ HTTP 307
    https://giveawayheadquarters.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
Request Chain 32
  • https://madera.api.twyne.io//link/css/111/427/master/false HTTP 302
  • https://cdn.twyne.io/madera/src/111/427/desktop/master.css

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
giveawayheadquarters.com/
Redirect Chain
  • http://giveawayheadquarters.com/
  • https://giveawayheadquarters.com/
89 KB
28 KB
Document
General
Full URL
https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 / Express
Resource Hash
b2b590787e423bef1244aa730af500cc621639ffbdc2fa4fc55773c1a4712703
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 03:00:13 GMT
etag
W/"163ab-JsuIdAWCU00d7R5KQCq9h1D33+s"
server
nginx/1.23.1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
Express

Redirect headers

Location
https://giveawayheadquarters.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,900
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3774aa05dedb7aaaac0ad444864c96dc6eb6e9a6cbebaaae5a189a97dc225dba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 03:00:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 03:00:13 GMT
all.css
use.fontawesome.com/releases/v5.7.2/css/
53 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRc3wqbPouW1nBI0uG4njd2L%2Bk98vd2nTKD8zNVIA%2B7AlTGNrDVu14KCrb0uuIp%2Bc7oTmif%2FlOZpPFuaocOxqFVxC939y8qt1FqHaWfjS3p%2FMuBPCmJRMYx5mpbDTg%2BNLGySc%2Bun3rbYQ9qfxHWr6QFq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
88bb79022c8567b4-MIA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/
150 KB
23 KB
Stylesheet
General
Full URL
https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/bootstrap.min.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 17:47:42 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap-grid.min.css
giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/
47 KB
6 KB
Stylesheet
General
Full URL
https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/bootstrap-grid.min.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
e6d573b7daafdee530dc4204ffb40f9bd192b3f65ed11a0bf02b18b909bca8a8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 17:47:42 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
default.css
giveawayheadquarters.com/assets/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://giveawayheadquarters.com/assets/css/default.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
d0d98234577192702f3e5ce17fca3d7e5f5a8104da1af8095d235fbd6d49ce74

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 17:47:41 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/
71 KB
12 KB
Stylesheet
General
Full URL
https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/main.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
e4f8c318b76ed2d33cc6fb467a86c4990c36319a2f049e96f5778014cb879886

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 19:52:40 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
unicons.css
unicons.iconscout.com/release/v1.0.0/css/
44 KB
8 KB
Stylesheet
General
Full URL
https://unicons.iconscout.com/release/v1.0.0/css/unicons.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8060215a04f5ecb9f4962d8a0250b0d33209a961032c590ef44d719fe17b4eb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
x-amz-version-id
WWE54nS28s98dAz7Vd2bu1yZJ7iAvmjD
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
QXK10186R2RYCRFQ
age
1002787
cf-polished
origSize=66337
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kGr//tJC0I5rD9K/+cNaZKbfe9Le2S6LO6hLER5kQDvYK5VA6QqTH/Z0odcfx64D0oxStEvccaQ=
cf-bgj
minify
last-modified
Mon, 10 Feb 2020 07:21:56 GMT
server
cloudflare
etag
W/"a0735eaffd85e42868e15cd1ccecfa1c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
x-amz-meta-fl-original-last-modified
2019-07-07T06:01:03Z
cf-ray
88bb79020854a54c-MIA
expires
Fri, 30 May 2025 03:00:13 GMT
quill.snow.css
cdn.quilljs.com/1.2.6/
24 KB
4 KB
Stylesheet
General
Full URL
https://cdn.quilljs.com/1.2.6/quill.snow.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46304
content-length
3632
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
server
cloudflare
etag
"9f6624fdd91fb800234c1afe33f6ecbe"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLB1WRUTu7Fdx4lgh%2FdBBjrRxIIaX89sgBDhh5lj%2FEE77HHeSikS%2BAmqXiexWL6HZyvm1TkTofysg9B%2BllDoZX5uKejs8l4959LPS%2F68Yg1N5dhDZBY%2B9coJJGnwsQpMN9pSS8%2BXLoRgPgxVgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
88bb79022ca7a582-MIA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29440
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 May 2025 09:06:19 GMT
remodal.min.js
giveawayheadquarters.com/assets/js/
21 KB
5 KB
Script
General
Full URL
https://giveawayheadquarters.com/assets/js/remodal.min.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 17:47:41 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
lander.js
giveawayheadquarters.com/assets/js/
68 KB
15 KB
Script
General
Full URL
https://giveawayheadquarters.com/assets/js/lander.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
2f58674fc10ba5368ee6dd6208f97697aaeedd3b6db9137375fa96d7025c5c1b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 17:47:41 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
path-form.css
giveawayheadquarters.com/assets/css/
191 B
395 B
Stylesheet
General
Full URL
https://giveawayheadquarters.com/assets/css/path-form.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
last-modified
Wed, 29 May 2024 17:47:41 GMT
server
nginx/1.23.1
content-type
text/css
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
191
expires
Thu, 31 Dec 2037 23:55:55 GMT
1643237575704
ppe-userenroll-assets.s3.amazonaws.com/
7 KB
7 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1643237575704
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3871365de86bff54974b8445829eb5ce9b5802d0c73219eb4a377d3a4154aba1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:14 GMT
x-amz-meta-fieldname
image
Last-Modified
Wed, 26 Jan 2022 22:52:56 GMT
Server
AmazonS3
x-amz-request-id
39ET9XWVWAY987DA
ETag
"2e1a241a9878c9f823a746c3cc6c7c73"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
6676
x-amz-id-2
PVhDwzAOScpmaYjnagQ/UyJB8riq0S2W5HbikSpLCNpHSmD2M3+Wj5AdrrkNHkAEtqetGczjQ5k=
form.js
madera.api.twyne.io/assets/
242 KB
243 KB
Script
General
Full URL
https://madera.api.twyne.io/assets/form.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.198.133.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-133-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
521506948ca3a730561f485601894dcaa7ca7e344c5129c280cd17cd9e87a0b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:13 GMT
last-modified
Wed, 29 May 2024 23:27:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
247861
expires
Thu, 29 May 2025 23:27:10 GMT
1644250205701
ppe-userenroll-assets.s3.amazonaws.com/
1 KB
2 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1644250205701
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5bbaa5817ad3718aecb9be59fa9bd87f795caf075d781ec6c5a84ad11c72d958

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:14 GMT
x-amz-meta-fieldname
image
Last-Modified
Mon, 07 Feb 2022 16:10:06 GMT
Server
AmazonS3
x-amz-request-id
39EP56KCFD434WB4
ETag
"9d5590d34f7bc40a040902caa7ec3f5c"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
1441
x-amz-id-2
miMO0aGgJPZtX5yVByoaD4C1vRDi7P5pxau9bOubEoZODh0ZtCMnAI/6gm6TuEEGaRsUnIAshks=
1644250219640
ppe-userenroll-assets.s3.amazonaws.com/
2 KB
2 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1644250219640
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
736485ce01bed1915d399dcd5e201b8229b238c96b36edf52d7a37a386cf72f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:15 GMT
x-amz-meta-fieldname
image
Last-Modified
Mon, 07 Feb 2022 16:10:20 GMT
Server
AmazonS3
x-amz-request-id
80A1MAVR9W9EBEWZ
ETag
"a3ffd8e9b52f1a7a7a8f6c76056bcc55"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
1830
x-amz-id-2
JujZMfhUo2mlDEo4gwKogeVhgVIVrTACcJIKgZOq+BS2ue46aw58isqGbJW/WFCcbbk7FpVgzPw=
1644250239424
ppe-userenroll-assets.s3.amazonaws.com/
1 KB
2 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1644250239424
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
590483af34f0f94631c70df478efc09b3ee7660a480a10189a976f28690465a5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:15 GMT
x-amz-meta-fieldname
image
Last-Modified
Mon, 07 Feb 2022 16:10:40 GMT
Server
AmazonS3
x-amz-request-id
80A0A99SEWMBWQ0C
ETag
"645e6c83ebf3f599e1304c7dd3cd0aac"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
1529
x-amz-id-2
zMAaYN4EONxtJ9zUJ53olkycPHKaXkQJ4lDiah1RYe9w8IWNlLuJ/uOYe7f7Mjs9tODy1QNuCe8=
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
82 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
93599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26660
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BRxE281UOuwQ%2B0EWakMon47LdyKd7wgqK43QXLLHLCtYD%2Bs025jEG3A%2BZd5rDQj0FuQEH0QM5%2BPIBiyJGGPZHIZM5AnFE4DU1D%2B7sqkLAVNF%2FiBsX9tS2wZqax%2BKHLJ3JRUQ8vuM%2FXckK9wIGHBHPtq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88bb7903e92c8ddf-MIA
expires
Tue, 20 May 2025 03:00:14 GMT
deal.js
giveawayheadquarters.com/themes/giveawayheadquarters/assets/js/
6 KB
2 KB
Script
General
Full URL
https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/js/deal.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
9293a3839f8df8ce2ef30ed75244d915ba4db113a835b6e18b48db462b1dd6da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
gzip
last-modified
Wed, 29 May 2024 17:47:42 GMT
server
nginx/1.23.1
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
576190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
394
last-modified
Sat, 06 Jan 2024 19:26:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65999b45-18a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GthCf2IsWSVUSjTeWa7JqPgNpa67lNJkXKje%2FQJFzedoB4Q40TTT9Pl7m5%2FdlLb8iMzIb27DXPGwPVeukB7ZBBlnpdDlz46rcZCSanqkJKhlN5JESn%2BnKVX2qiRrL6rgRWEDtWM2LRYftTPwagBRYOmP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88bb7903e8a92239-MIA
expires
Tue, 20 May 2025 03:00:14 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/
2 KB
996 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
20026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
655
last-modified
Sat, 06 Jan 2024 19:26:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65999b42-28f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pl3lW6UpHw1DppqqcJ2pcMm3ZrhtNIJ%2BXPFJWhAz5F%2FwpDhFRZAoThs1ZnOhmknBbtYD%2BgRh0R4ZxQ166j1wybEyQMDwVh6nbQdWEptOthFryUj%2BARYKoIxP1%2B0uGr9RzfdA1lFnLnF2UsEWcLhTTptB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88bb7903e8a82239-MIA
expires
Tue, 20 May 2025 03:00:14 GMT
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/
42 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
25001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9284
last-modified
Sat, 06 Jan 2024 19:26:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65999b46-2444"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCdjtAq7gW8OFZ%2BU5OSrHCyjpsFtVQiX211YYgq8juuxv5ASlNbChNUhLjvnmTG3%2FY9%2BZfx%2F4%2FjPGutotSqYSYXAzhQub0pNV5zU1zcZ%2BNp%2FmCe6hNEe2cYHXwv1HwLgkaD6T5Ouqn0j5gT3pkeLp5vt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88bb7903e8a32239-MIA
expires
Tue, 20 May 2025 03:00:14 GMT
gtm.js
www.googletagmanager.com/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WHLJW28
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90ff3595eafa20047f09f1129ce3ec60e867b0e8f5e2d7c664d12dd209084c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68886
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 03:00:14 GMT
arrow-banner.png
giveawayheadquarters.com/themes/giveawayheadquarters/assets/img/
2 KB
2 KB
Image
General
Full URL
https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/img/arrow-banner.png
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
dc9188f5e7827164eed0d7a4a9ebe5e39211e350f1d30c1709f740603e2ba904

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/main.css
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
last-modified
Wed, 29 May 2024 17:47:42 GMT
server
nginx/1.23.1
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1829
expires
Thu, 31 Dec 2037 23:55:55 GMT
1670613906787
ppe-userenroll-assets.s3.amazonaws.com/
82 KB
83 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1670613906787
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1ff1bde3568d2b35a77cc5210f78021cf6fedf6d9361c1ceae9055656f88df2f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:15 GMT
x-amz-meta-fieldname
image
Last-Modified
Fri, 09 Dec 2022 19:25:07 GMT
Server
AmazonS3
x-amz-request-id
80A8ZZ7JP43WPH8P
ETag
"c39ecf7f3f9d8c6c0a057805811ff652"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
84146
x-amz-id-2
PoCmLmw2bolknNe9kssOPazZ+kOIfxHF+XbT1KEsuEPDU3rPL/iPkZDS2UE/IdADJcpxLvQJlZY=
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 07:56:04 GMT
x-content-type-options
nosniff
age
68650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 May 2025 07:56:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:04:28 GMT
x-content-type-options
nosniff
age
64546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 May 2025 09:04:28 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
16 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Server
2600:9000:21dd:bc00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c41763922de088a739d13373593d2bc7569bb525e40fc762ef7d7518af231d6c

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://giveawayheadquarters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 30 May 2024 03:00:15 GMT
x-amz-version-id
1D.FF77dd61qyGtl5RG.iFxte1pw_rUE
content-encoding
gzip
last-modified
Fri, 10 May 2024 19:43:29 GMT
server
AmazonS3
via
1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"0f54ed54362c72f248b148a0f774d6c1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
0_cmeJgm_-0xvK1Cu9M9YrEvqdR3tXpMoQ8aY0BgNcCEHSlqgpOuug==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
date
Thu, 30 May 2024 03:00:14 GMT
server
awselb/2.0
content-length
134
content-type
text/html
cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js
create.lidstatic.com/campaign/
121 KB
38 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
527cebd0bf86152cbb074ba99586ebdbd885e073da982c19bf009b4122dcca54

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
x-amz-version-id
Nwg1WkzbIT8lEKxfsPpAoZMy_c0tHNcj
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
563XCWNCR7SPTVX6
age
1647
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
LQM4ltC5OHfEWAFdaXve3cwyzFGqVe2cbdYcsHkHE/1Mn/NrFJ6pjVjOzz/9X3ZiZgqHyHFDcdU=
last-modified
Wed, 17 Jan 2024 22:20:17 GMT
server
cloudflare
etag
W/"2293f5038c5052fa946a25c8abc262f9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
88bb79050925a4d4-MIA
l8empmzekr
trk-keingent.com/scripts/push/script/
8 KB
3 KB
Script
General
Full URL
https://trk-keingent.com/scripts/push/script/l8empmzekr?url=giveawayheadquarters.com&alturl=/
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd139058dc0a2ecd6ddb3b07d4c236c3904dc1e052226c75ea1f6fcc7c5266fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2517
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 03:00:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZWnJlPDvBvOG6KJxFekWHm1r1DwKjoXjsHfyDjdE8LPzG%2FxzfiIBqRo0GTTzWdLE5XrKnWFTJujKErfkzXJj2E6omvGoa%2BIH6El5%2Bd%2BrNOatakc%2FldakQ6Y11ucslXQvQvz"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
88bb7904de6d749a-MIA
expires
0
d361ad4ab5434168be235a5c27b6d914
madera.api.twyne.io//aserving/tk/ Frame 9EC1
0
0
Document
General
Full URL
https://madera.api.twyne.io//aserving/tk/d361ad4ab5434168be235a5c27b6d914
Requested by
Host: madera.api.twyne.io
URL: https://madera.api.twyne.io/assets/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.232.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-232-249.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://giveawayheadquarters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
content-length
0
date
Thu, 30 May 2024 03:00:14 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
default.css
madera.api.twyne.io//static/css/adserve-default/
244 B
741 B
Stylesheet
General
Full URL
https://madera.api.twyne.io//static/css/adserve-default/default.css?version=29.41
Requested by
Host: madera.api.twyne.io
URL: https://madera.api.twyne.io/assets/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.198.133.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-133-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5808bde73645ede892bdd885fbae3e7958e5ac0790f10ffc3878e6669cddc5ac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
last-modified
Mon, 19 Jul 2021 13:52:04 GMT
server
Microsoft-IIS/10.0
etag
"09a6f41a57cd71:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
244
master.css
cdn.twyne.io/madera/src/111/427/desktop/
Redirect Chain
  • https://madera.api.twyne.io//link/css/111/427/master/false
  • https://cdn.twyne.io/madera/src/111/427/desktop/master.css
44 KB
9 KB
Stylesheet
General
Full URL
https://cdn.twyne.io/madera/src/111/427/desktop/master.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
HTTP/1.1
Server
18.238.55.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-129.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83eab92cb0898589e54c50ff779dc7b9883d1e247117069c21e7007b8bcd28fa

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://giveawayheadquarters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Thu, 30 May 2024 03:00:15 GMT
Content-Encoding
gzip
Via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P4
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
x-amz-meta-size
43.79 KB
Last-Modified
Thu, 09 Feb 2023 16:08:35 GMT
Server
AmazonS3
ETag
W/"332cf82696076fa9cbaebb13322a347c"
Vary
Accept-Encoding
x-amz-meta-type
text/css
Content-Type
text/css
x-amz-meta-filename
X-Amz-Cf-Id
Wtq8xHFEtj8LZSfOY9yPuOFMcuQxPtCI_0gx1SHe_u5D1jPVAElfRw==

Redirect headers

pragma
no-cache
date
Thu, 30 May 2024 03:00:14 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
location
https://cdn.twyne.io/madera/src/111/427/desktop/master.css
cache-control
no-cache
content-length
0
expires
-1
index
madera.api.twyne.io//aserving/
37 B
640 B
Script
General
Full URL
https://madera.api.twyne.io//aserving/index?pid=111&sid=427&first=&last=&email=&address1=&address2=&city=&gender=&state=&zip=&phone=&dob=%2F%2F&istest=n&externalgroup=K7KUM-BkMMmv5-wu-C4B&country=US&subid1=1439-&subid2=&twid=d361ad4ab5434168be235a5c27b6d914&domainUrl=https%3A%2F%2Fgiveawayheadquarters.com%2F&optout=false
Requested by
Host: madera.api.twyne.io
URL: https://madera.api.twyne.io/assets/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.198.133.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-133-147.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5194fc85988fb4e6000db4a1e942100374a9de7ba3e6d716a114d99e157ebbc2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 03:00:14 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript; charset=utf-8
cache-control
no-cache
content-length
37
expires
-1
submit
giveawayheadquarters.com/api/session/
31 KB
10 KB
XHR
General
Full URL
https://giveawayheadquarters.com/api/session/submit
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.72.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-72-218.compute-1.amazonaws.com
Software
nginx/1.23.1 / Express
Resource Hash
8dbb511c2542f9a4bd483839eb881b3232191b9c6e6370a409996e3178fe95cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://giveawayheadquarters.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
gzip
server
nginx/1.23.1
x-powered-by
Express
etag
W/"7d18-zyKWv6m0lsSn3XDV3GyqTwepk7o"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
GenerateToken
create.leadid.com/2.12.1/
36 B
656 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&_=533933247
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
43cbb5b5c78703968cff383ed4878ff7880d9386a650320082eedd2d8e3f302a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/
285 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-23HJN8TRBE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHLJW28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae1347642d9bc2d31b1b5e489268ff503f6037cb200ff05bb818a6f18c9aac94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98806
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 03:00:14 GMT
1622
live.r3engage.com/
5 KB
6 KB
Script
General
Full URL
https://live.r3engage.com/1622
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHLJW28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.92.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-92-235.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash
c0c00753113f56afc00411224008faf6daaea8972c3f531194b3c7bc766bd7f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:14 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
Connection
keep-alive
X-Powered-By
PHP/7.2.26
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
collect
www.google-analytics.com/g/
0
260 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-23HJN8TRBE&gtm=45je45m0v883422649z8858596138za200zb858596138&_p=1717038013912&gcd=13l3l3l3l1&npa=0&dma=0&cid=19961325.1717038015&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717038014&sct=1&seg=0&dl=https%3A%2F%2Fgiveawayheadquarters.com%2F&dt=GiveawayHeadquarters&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1708
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23HJN8TRBE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 03:00:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://giveawayheadquarters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 16E4
0
0
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=362F5840-95D2-6B39-D3C0-93090A6CD830&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-179.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://giveawayheadquarters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
67951
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 29 May 2024 08:07:43 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
X-Amz-Cf-Id
e02EvYsZRYdOVxLWoBhAy-HqXs5FLb3YlwUbtVkKf6KT_gVWWCVE-g==
X-Amz-Cf-Pop
JFK50-P6
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&token=362F5840-95D2-6B39-D3C0-93090A6CD830&_=533933248
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&token=362F5840-95D2-6B39-D3C0-93090A6CD830&_=533933249
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
r3engage.php
live.r3engage.com/
15 KB
15 KB
Script
General
Full URL
https://live.r3engage.com/r3engage.php?r3move=1&r3cache=0&testsess6876=9ca1839247e9bc20f2e188698e0c0d0d&referrer=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1622&s1=&t1=&t2=&t3=
Requested by
Host: live.r3engage.com
URL: https://live.r3engage.com/1622
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.92.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-92-235.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash
24b8f4c5a51ed860565b4fc859b532c5d7e7d871461a67160c7a037eddeeb39c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 30 May 2024 03:00:15 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.2.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
w9glr0w6g2
event.trk-keingent.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/w9glr0w6g2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://giveawayheadquarters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88bb790a9f3bdb09-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Thu, 30 May 2024 03:00:15 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6QU76ZkBNUNe1NbvdVO5QB7lViX7pFMluJiC2M7Z3cCXYxANPs6BwQQalzHKO6yaVjontmput%2FdK4CR14RupwbeHW%2FU27HNAf7IuvQiOHerbV%2Bbd3DCs9TEIX5cVPL8MyFtdJZl%2FBuH9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
w9glr0w6g2
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/w9glr0w6g2
Requested by
Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/l8empmzekr?url=giveawayheadquarters.com&alturl=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Thu, 30 May 2024 03:00:15 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrEJFr2Ns2YXcrL3AwYF4NuwOJkZuvJhOAJTAnEx7rsOD%2BpouhiWPgZXl6kiN7rUr7YU1V%2F9maYL05D6TldjJA6QkK7MX7U4DLwRxrMrfnfvczR4%2BSnbf33dXBJgdvxWIWTIIyLvGfsN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
88bb790b0ff8db09-MIA
x-pushplatformapp-params
Snap
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&token=362F5840-95D2-6B39-D3C0-93090A6CD830&_=533933250
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
animate3.css
d3v6q7097edepm.cloudfront.net/css/
71 KB
5 KB
Stylesheet
General
Full URL
https://d3v6q7097edepm.cloudfront.net/css/animate3.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2200:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 07:07:16 GMT
content-encoding
gzip
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
last-modified
Fri, 31 Jan 2020 17:33:11 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
76334
etag
W/"6cafe138e48efead0052fcf75e8d7ec1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
cSOfQ9AsC2ArCy1AcKR_pcUTF4txaUiEMNOCQfOAmcQtf266H5jpgg==
font_style.css
d3v6q7097edepm.cloudfront.net/fonts/
388 B
724 B
Stylesheet
General
Full URL
https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2200:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c889d274343f4c399a643353e1e19e13f924fbbf3161c1f6d91ba6bb40c3fe14

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 08:35:41 GMT
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Jan 2020 16:59:31 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
66275
etag
"b1aefbe0145794b1b12df477e94590fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
388
x-amz-cf-id
JXqw78OrEvS6lZmnVHMg1WKdUmnQLkygRm4VMM5KvnyVZhfF7zj-zg==
1kb.mp3
d3v6q7097edepm.cloudfront.net/mp3/
1 KB
1 KB
Media
General
Full URL
https://d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
Requested by
Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2200:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://giveawayheadquarters.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 06:05:46 GMT
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
last-modified
Fri, 31 Jan 2020 17:32:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
75283
etag
"2fab401479fc569b1d333e5c561fa50a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
audio/mp3
Content-Range
bytes 0-1151/1152
accept-ranges
bytes
x-amz-cf-id
8hmWDmWYtnE6F0Np9TGJY7T2lH30Wmh5Fck8JAw1BVD7u_pLlkZICA==
Content-Length
1152
css
fonts.googleapis.com/
1 KB
607 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One
Requested by
Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a96715c711864031d765c36298446b205f7c40d39b63c94021fab2bc60962a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://d3v6q7097edepm.cloudfront.net/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 03:00:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 02:51:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 03:00:15 GMT
css
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster
Requested by
Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84fed1e01aa70c4b589fee7378133909f9f54645b8d5c37f8430434f8c7fd446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://d3v6q7097edepm.cloudfront.net/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 03:00:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 02:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 03:00:15 GMT
css
fonts.googleapis.com/
4 KB
536 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,300,600,700
Requested by
Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://d3v6q7097edepm.cloudfront.net/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 03:00:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 02:28:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 03:00:15 GMT
certs
api.trustedform.com/
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.90.120.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-120-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
43f871ccfa446f87812213befb6647b07fff069739503fa9dc92f0343eda249a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 May 2024 03:00:15 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://giveawayheadquarters.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 08:51:35 GMT
x-content-type-options
nosniff
age
65320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 May 2025 08:51:35 GMT
1643237619670
ppe-userenroll-assets.s3.amazonaws.com/
3 KB
3 KB
Other
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1643237619670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f2c07d92997debb3379125c9067f1dc0334fc8577df7aafeeb255c06e3f3232

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:16 GMT
x-amz-meta-fieldname
image
Last-Modified
Wed, 26 Jan 2022 22:53:40 GMT
Server
AmazonS3
x-amz-request-id
JZNZZW427TVE16SJ
ETag
"769881cd4cb1814a59a4e9c2b8cdfa5f"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
2858
x-amz-id-2
HHToTmwCOq8pAjHAzqz/ZKDPgE/ey93a2CjavADcGWpXTsQ/ZxFD8z0Ml6EnFBk6R0u8+QLvA6c=
trustedform-1.9.15.js
cdn.trustedform.com/
92 KB
35 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.9.15.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17170380141440.9464251361311233&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c16612b76acbad337a38019fa67cb4733227a5acf681d92471d5bbe0bae121a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
trC3BDaL_J_G4BXqreWlhhQIwhMePOn1
content-encoding
gzip
via
1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 03:00:11 GMT
last-modified
Fri, 10 May 2024 19:43:29 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
6
etag
W/"d5f4304dea6121d44398da810b5a4106"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_btg8oL5ITkzjeWb54A7_YTBQzEqaqMExLnnpNsIhJgrFuaxOiwVew==
Snap
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/Snap?msn=5&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&token=362F5840-95D2-6B39-D3C0-93090A6CD830&_=533933251
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
snapshot
api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.90.120.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-120-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 03:00:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
fingerprints
api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.90.120.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-120-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 03:00:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
truncated
/
10 KB
10 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
events
api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/
0
159 B
Ping
General
Full URL
https://api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.90.120.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-120-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 03:00:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
InitFormData
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=6&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&token=362F5840-95D2-6B39-D3C0-93090A6CD830&_=533933252
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
1643237619670
ppe-userenroll-assets.s3.amazonaws.com/
3 KB
0
Other
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1643237619670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f2c07d92997debb3379125c9067f1dc0334fc8577df7aafeeb255c06e3f3232

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 03:00:16 GMT
x-amz-meta-fieldname
image
Last-Modified
Wed, 26 Jan 2022 22:53:40 GMT
Server
AmazonS3
x-amz-request-id
JZNZZW427TVE16SJ
ETag
"769881cd4cb1814a59a4e9c2b8cdfa5f"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
2858
x-amz-id-2
HHToTmwCOq8pAjHAzqz/ZKDPgE/ey93a2CjavADcGWpXTsQ/ZxFD8z0Ml6EnFBk6R0u8+QLvA6c=
Snap
create.leadid.com/2.12.1/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/Snap?msn=7&pid=ae1a188c-5a45-48a9-a00b-72b568c5cca8&token=362F5840-95D2-6B39-D3C0-93090A6CD830&_=533933253
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.148.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-148-179.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 03:00:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/8aca7a61795142d72339e8887a834430bd0f2a7b/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.90.120.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-120-100.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 03:00:16 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
w9glr0w6g2
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/w9glr0w6g2
Requested by
Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/l8empmzekr?url=giveawayheadquarters.com&alturl=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://giveawayheadquarters.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Thu, 30 May 2024 03:00:16 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6Ui9Wx7AU0O%2FDifZ2GBZ7LAz6CNeB7XWNzR%2FPIsM5vnHNDGZeQ4D4GCMljNUrmify3UtTaWHNeQATxuizHXVjqHvkM6Soth4im%2FpCwtbZCa5Q67wCUiLg4EMunoskhtosM1vTMnpzYJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
88bb7915ae4ddb09-MIA
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| $ function| jQuery object| Lander function| submitRecaptcha object| feedbackElem function| eventEvaluation function| httpRequest function| httpController function| dispatcherEvent function| dispatcher function| UnitedStatesProvider function| AustraliaProvider function| CanadaProvider object| instances function| MergeTag function| CustomField function| CustomQuestion function| Offer function| PrivacyModal function| Placement function| Stack function| SingleOffer function| executePreping function| Consumer function| Form function| Fields function| Percent function| FormRegistration function| VMasker object| TabsWidget object| CollapsableHeader object| DealQuestions object| DealsPaginator function| loadMoreDeals object| twy function| setupEvent string| propertyName object| form object| LeadiDconfig object| LeadiD object| google_tag_manager object| google_tag_data function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes function| onYouTubeIframeAPIReady object| gaGlobal string| label string| id boolean| sensitiveData object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording number| campaign_id string| testrandom6876 boolean| hasLocal6876 undefined| localSess6876 undefined| dayMs undefined| sessDate undefined| nowDate undefined| diffDays object| testcookiedate6876 object| script object| resourceSentry object| resourceCJS string| fp6876 string| ce string| reff_6876 object| resource function| r3consent6876 function| getsess6876 boolean| r3locked object| magic6876 string| res string| res_av string| ver string| ver_os string| cnv boolean| ios7 boolean| chrome_6876 function| r3_6876_rules_reset object| back_array_6876 number| bt_6876 object| back_alert_6876 object| back_message_6876 number| tt_6876 object| tab_array_6876 object| tab_alert_6876 object| tab_message_6876 object| r3_orig_links_6876 object| location6876 object| listen6876 string| opage6876 number| pagechange6876 number| ki_6876 number| esp_6876 number| disableClose string| eventName number| ig_6876 number| ex_6876 string| id_6876 number| app_id number| ck_6876 number| app_rec number| home_6876 boolean| home_bool_6876 boolean| is_mobile_6876 boolean| touchstart_activated_6876 string| r3dv_content string| r3_hash string| r3_site_id string| r3_account string| search_button number| agent_platform_6876 number| platform_6876 number| agent_browser_6876 object| myDate string| cookieName string| cookieValue function| r3_getsessid function| r3_log function| r3_history_response function| r3_log_button function| vibrate_6876 function| r3_Data_Blur function| r3_datascrape function| show_6876 object| fileref object| fileref_font object| r3_user_stylesheet function| r3_close_popup function| r3_6876_header_close_popup function| r3_6876_top_close_popup function| r3_open_popup object| vid_6876 function| sound_6876 object| tunes_6876 object| body_6876 undefined| old_touchstart_6876 function| r3_dynamic object| r3schedules6876 object| r3_activeschedule6876 function| check_rules_6876 string| c5638_6876 object| creatives_6876 object| media_vibrate_6876 object| media_sound_6876 object| data_scrape_6876 object| r3_footer_6876 object| js_6876 object| js_source_6876 number| last_eng_id_6876 function| createCookie function| getCookie function| checkCookie undefined| hashDetection undefined| screenmonitor undefined| fragment function| navbar6876 function| visibilityChanged undefined| hashHandler undefined| create string| redsess_6876 number| entry_shown_6876 number| trigger_id_temp_6876 boolean| useHash object| regeneratorRuntime function| trustedFormNext string| orig_6876

12 Cookies

Domain/Path Name / Value
giveawayheadquarters.com/ Name: _psession
Value: 0cff4fc7-2b92-4a96-b4e0-a2e5418433b6
madera.api.twyne.io/ Name: twid
Value: d361ad4ab5434168be235a5c27b6d914
madera.api.twyne.io/ Name: AWSALBCORS
Value: JrdkrwUDjtQloFE/6p9WaKmhjwDRoI9MpLc8vTTitjL+9/2YkylZCkx7Mu0gzTAXxkI5MTH8ZYrxwj0i74FKdBR/nVY6P7PLfjbV+Nntdx5KpPFtQC+whUJ0BVox
.giveawayheadquarters.com/ Name: _ga_23HJN8TRBE
Value: GS1.1.1717038014.1.0.1717038014.0.0.0
.giveawayheadquarters.com/ Name: _ga
Value: GA1.1.19961325.1717038015
giveawayheadquarters.com/ Name: leadid_token-934E3705-AE01-D5F3-9E2B-B9A54E634C7A-CBBC58D7-CA44-C52F-1907-DC09FB320ED4
Value: 362F5840-95D2-6B39-D3C0-93090A6CD830
.trueleadid.com/ Name: nlbi_3051494
Value: u7DMV7cfMm5/EDYRC30iGwAAAAAJ27cpovd467EpEm59SbID
.trueleadid.com/ Name: visid_incap_3051494
Value: HMeZ59/tSTyDL6mx30fEkL3rV2YAAAAAQUIPAAAAAADPIkmhffiRbl0TMQ2tC6t/
.trueleadid.com/ Name: incap_ses_1596_3051494
Value: jSM5YivJjXC2DZmcmyEmFr7rV2YAAAAAWDXEvacWQTlotMjdeiN37w==
.deviceid.trueleadid.com/ Name: uuid
Value: e43a914e41ed4219863e8779da699e10
.giveawayheadquarters.com/ Name: r3sess6876
Value: 9ca1839247e9bc20f2e188698e0c0d0d
.giveawayheadquarters.com/ Name: R3_SESSID_JS
Value: 9ca1839247e9bc20f2e188698e0c0d0d

26 Console Messages

Source Level URL
Text
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://giveawayheadquarters.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: https://giveawayheadquarters.com/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.quilljs.com
cdn.trustedform.com
cdn.twyne.io
cdnjs.cloudflare.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d3v6q7097edepm.cloudfront.net
event.trk-keingent.com
fonts.googleapis.com
fonts.gstatic.com
giveawayheadquarters.com
live.r3engage.com
madera.api.twyne.io
ppe-userenroll-assets.s3.amazonaws.com
trk-keingent.com
unicons.iconscout.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
104.18.28.243
172.67.207.183
18.164.115.179
18.238.55.129
2600:9000:21dd:2200:13:7c59:6e80:21
2600:9000:21dd:bc00:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3036::6815:1b98
2606:4700:3108::ac42:2b5d
2606:4700::6811:190e
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::200a
3.223.148.179
3.90.120.100
34.202.232.249
44.198.133.147
52.3.72.218
54.216.92.235
54.231.192.249
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1ff1bde3568d2b35a77cc5210f78021cf6fedf6d9361c1ceae9055656f88df2f
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
24b8f4c5a51ed860565b4fc859b532c5d7e7d871461a67160c7a037eddeeb39c
2f2c07d92997debb3379125c9067f1dc0334fc8577df7aafeeb255c06e3f3232
2f58674fc10ba5368ee6dd6208f97697aaeedd3b6db9137375fa96d7025c5c1b
3774aa05dedb7aaaac0ad444864c96dc6eb6e9a6cbebaaae5a189a97dc225dba
3871365de86bff54974b8445829eb5ce9b5802d0c73219eb4a377d3a4154aba1
3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565
43cbb5b5c78703968cff383ed4878ff7880d9386a650320082eedd2d8e3f302a
43f871ccfa446f87812213befb6647b07fff069739503fa9dc92f0343eda249a
4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5194fc85988fb4e6000db4a1e942100374a9de7ba3e6d716a114d99e157ebbc2
521506948ca3a730561f485601894dcaa7ca7e344c5129c280cd17cd9e87a0b4
527cebd0bf86152cbb074ba99586ebdbd885e073da982c19bf009b4122dcca54
5808bde73645ede892bdd885fbae3e7958e5ac0790f10ffc3878e6669cddc5ac
590483af34f0f94631c70df478efc09b3ee7660a480a10189a976f28690465a5
5bbaa5817ad3718aecb9be59fa9bd87f795caf075d781ec6c5a84ad11c72d958
5c16612b76acbad337a38019fa67cb4733227a5acf681d92471d5bbe0bae121a
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
736485ce01bed1915d399dcd5e201b8229b238c96b36edf52d7a37a386cf72f1
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8060215a04f5ecb9f4962d8a0250b0d33209a961032c590ef44d719fe17b4eb3
83eab92cb0898589e54c50ff779dc7b9883d1e247117069c21e7007b8bcd28fa
84fed1e01aa70c4b589fee7378133909f9f54645b8d5c37f8430434f8c7fd446
8dbb511c2542f9a4bd483839eb881b3232191b9c6e6370a409996e3178fe95cd
90ff3595eafa20047f09f1129ce3ec60e867b0e8f5e2d7c664d12dd209084c3a
9293a3839f8df8ce2ef30ed75244d915ba4db113a835b6e18b48db462b1dd6da
9a96715c711864031d765c36298446b205f7c40d39b63c94021fab2bc60962a3
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
ae1347642d9bc2d31b1b5e489268ff503f6037cb200ff05bb818a6f18c9aac94
b2b590787e423bef1244aa730af500cc621639ffbdc2fa4fc55773c1a4712703
c0c00753113f56afc00411224008faf6daaea8972c3f531194b3c7bc766bd7f8
c41763922de088a739d13373593d2bc7569bb525e40fc762ef7d7518af231d6c
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87
c889d274343f4c399a643353e1e19e13f924fbbf3161c1f6d91ba6bb40c3fe14
cd139058dc0a2ecd6ddb3b07d4c236c3904dc1e052226c75ea1f6fcc7c5266fb
d0d98234577192702f3e5ce17fca3d7e5f5a8104da1af8095d235fbd6d49ce74
d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff
dc9188f5e7827164eed0d7a4a9ebe5e39211e350f1d30c1709f740603e2ba904
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f8c318b76ed2d33cc6fb467a86c4990c36319a2f049e96f5778014cb879886
e6d573b7daafdee530dc4204ffb40f9bd192b3f65ed11a0bf02b18b909bca8a8
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615