giveawayheadquarters.com Open in urlscan Pro
34.206.218.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://giveawayheadquarters.com/
Effective URL:
https://giveawayheadquarters.com/
Submission: On October 12 via api (October 12th 2023, 10:48:35 pm UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 18 domains to perform 81 HTTP transactions. The main IP is 34.206.218.144, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is giveawayheadquarters.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.

This is the only time giveawayheadquarters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.211.97.59 3.211.97.59	14618 (AMAZON-AES) (AMAZON-AES)
12	34.206.218.144 34.206.218.144	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:28a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
9	3.5.29.190 3.5.29.190	14618 (AMAZON-AES) (AMAZON-AES)
1 5	3.83.74.132 3.83.74.132	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	34.248.165.133 34.248.165.133	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:225e:a000:13:7c59:6e80:21	16509 (AMAZON-02) (AMAZON-02)
1 6	44.210.169.31 44.210.169.31	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:8000:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3.211.188.32 3.211.188.32	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:e2:... 2606:4700:e2::ac40:8a07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.28 13.32.121.28	16509 (AMAZON-02) (AMAZON-02)
1	13.32.23.225 13.32.23.225	16509 (AMAZON-02) (AMAZON-02)
1	44.209.230.36 44.209.230.36	14618 (AMAZON-AES) (AMAZON-AES)
81	23

1 3.211.97.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-97-59.compute-1.amazonaws.com

giveawayheadquarters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.206.218.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-218-144.compute-1.amazonaws.com

giveawayheadquarters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1df3 (United States)

ASN13335 (CLOUDFLARENET, US)

unicons.iconscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28a9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quilljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.5.29.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ppe-userenroll-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.83.74.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-74-132.compute-1.amazonaws.com

madera.api.twyne.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.165.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-165-133.eu-west-1.compute.amazonaws.com

live.r3engage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225e:a000:13:7c59:6e80:21 (United States)

ASN16509 (AMAZON-02, US)

d3v6q7097edepm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.210.169.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-169-31.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:8000:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.211.188.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-188-32.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e2::ac40:8a07 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-keingent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-keingent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-28.fra60.r.cloudfront.net

cdn.twyne.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-225.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.230.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-230-36.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	giveawayheadquarters.com 1 redirects giveawayheadquarters.com	107 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	143 KB
9	amazonaws.com ppe-userenroll-assets.s3.amazonaws.com — Cisco Umbrella Rank: 837363	108 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 27104 cdn.trustedform.com — Cisco Umbrella Rank: 31790	38 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 16979	4 KB
6	twyne.io 1 redirects madera.api.twyne.io cdn.twyne.io — Cisco Umbrella Rank: 494446	281 KB
5	trk-keingent.com trk-keingent.com — Cisco Umbrella Rank: 29101 event.trk-keingent.com — Cisco Umbrella Rank: 73790	3 KB
5	cloudfront.net d3v6q7097edepm.cloudfront.net d2m2wsoho8qq12.cloudfront.net	10 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	33 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	38 KB
3	gstatic.com fonts.gstatic.com	50 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	314 B
2	r3engage.com live.r3engage.com — Cisco Umbrella Rank: 206130	21 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 19117	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 30078	39 KB
1	quilljs.com cdn.quilljs.com — Cisco Umbrella Rank: 25910	4 KB
1	iconscout.com unicons.iconscout.com — Cisco Umbrella Rank: 88297	8 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	12 KB
81	18

	Domain	Requested by
13	giveawayheadquarters.com	1 redirects giveawayheadquarters.com cdnjs.cloudflare.com
10	www.googletagmanager.com	giveawayheadquarters.com www.googletagmanager.com
9	ppe-userenroll-assets.s3.amazonaws.com	giveawayheadquarters.com
7	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	madera.api.twyne.io	1 redirects giveawayheadquarters.com madera.api.twyne.io
4	event.trk-keingent.com	trk-keingent.com
4	d3v6q7097edepm.cloudfront.net	giveawayheadquarters.com
4	cdnjs.cloudflare.com	giveawayheadquarters.com
4	fonts.googleapis.com	giveawayheadquarters.com d3v6q7097edepm.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.trustedform.com	giveawayheadquarters.com api.trustedform.com
2	region1.google-analytics.com	www.googletagmanager.com
2	live.r3engage.com	www.googletagmanager.com live.r3engage.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	cdn.twyne.io	giveawayheadquarters.com
1	trk-keingent.com	giveawayheadquarters.com
1	create.lidstatic.com	giveawayheadquarters.com
1	ajax.googleapis.com	giveawayheadquarters.com
1	cdn.quilljs.com	giveawayheadquarters.com
1	unicons.iconscout.com	giveawayheadquarters.com
1	use.fontawesome.com	giveawayheadquarters.com
81	23

This site contains links to these domains. Also see Links.

Domain
the-solar-project.com

Subject Issuer	Validity	Valid
giveawayheadquarters.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
cdn.quilljs.com E1	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
twyne.io Amazon RSA 2048 M02	`2023-02-24` - `2024-02-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.r3engage.com Go Daddy Secure Certificate Authority - G2	`2022-11-28` - `2023-12-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
trk-keingent.com GTS CA 1P5	`2023-10-03` - `2024-01-01`	3 months	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://giveawayheadquarters.com/
Frame ID: 6A6CDD71AD2C23E360FA5F8A6B63E30F
Requests: 76 HTTP requests in this frame

Frame: https://madera.api.twyne.io//aserving/tk/99d6d327c8c94d8eb669bab366536cde
Frame ID: 8D40594DDE381A0CE75E24DBAC187749
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Frame ID: 234B08E6AB5579BF48BFE12BAF6D9F08
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Frame ID: 196D05C85690866E623EACF48041DA4F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GiveawayHeadquarters

Page URL History Show full URLs

http://giveawayheadquarters.com/ HTTP 301
https://giveawayheadquarters.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

98 %
HTTPS

57 %
IPv6

18
Domains

23
Subdomains

23
IPs

3
Countries

913 kB
Transfer

2035 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://the-solar-project.com/
Title: The-Solar-Project.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://giveawayheadquarters.com/ HTTP 301
https://giveawayheadquarters.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false

Request Chain 51

https://madera.api.twyne.io//link/css/111/427/master/false HTTP 302
https://cdn.twyne.io/madera/src/111/427/desktop/master.css

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
giveawayheadquarters.com/
Redirect Chain

http://giveawayheadquarters.com/
https://giveawayheadquarters.com/

88 KB
27 KB

1453ms
1269ms

Document
text/html

34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-218-144.compute-1.amazonaws.com

Software

nginx/1.23.1 / Express

Resource Hash

744eb866148e7a1c5d7fa74f140e40bd17fb1f0e53126b5bafad0e5cd77f66cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 12 Oct 2023 22:48:29 GMT
etag: W/"161cd-LpyQC/+zPl8VVhzjoL2xux9abpY"
server: nginx/1.23.1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Oct 2023 22:48:28 GMT
Location: https://giveawayheadquarters.com/
Server: nginx/1.23.1
Vary: Accept
X-Frame-Options: SAMEORIGIN
X-Powered-By: Express

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 46ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c17d9a054ea30febd213f03ec71a5b5fad931a5655d2c6af497a18899b84b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 22:48:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 22:48:29 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
12 KB 45ms
18ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://giveawayheadquarters.com/
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1BPJXQERBZ4RES1S
age: 227496
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fc+FW7BqBzUU8fNjPGgF9/jcyxfYVZnyuQ5/UOiraU+wZlFMF+kURrtvqJZA6UOSQ3dA6RUAAjo=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzskFAQIsR%2F3HBXE6y5Z7xsdb8BsYrqabv2Le3aomVbYP%2F19pJ2pdCP6Y2FTnwMX9pwR7I3Ktjf3r93X0DOxqlyiqtP%2FAgZixoNHmMKcfaSR5uLKeEokI%2FFaPOBcIOuborso0PwMhQmf0aFS2DAOBuFx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8152e402c8cf3a60-FRA

GET
H2 200 bootstrap.min.css
giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/ 150 KB
23 KB 186ms
184ms Stylesheet
text/css 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/bootstrap.min.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:56 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap-grid.min.css
giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/ 47 KB
6 KB 95ms
93ms Stylesheet
text/css 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/bootstrap/bootstrap-grid.min.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: e6d573b7daafdee530dc4204ffb40f9bd192b3f65ed11a0bf02b18b909bca8a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:56 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 default.css
giveawayheadquarters.com/assets/css/ 6 KB
1 KB 95ms
93ms Stylesheet
text/css 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/assets/css/default.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: d0d98234577192702f3e5ce17fca3d7e5f5a8104da1af8095d235fbd6d49ce74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:55 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/ 71 KB
12 KB 98ms
96ms Stylesheet
text/css 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/main.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: e4f8c318b76ed2d33cc6fb467a86c4990c36319a2f049e96f5778014cb879886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:04:05 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 unicons.css
unicons.iconscout.com/release/v1.0.0/css/ 44 KB
8 KB 61ms
22ms Stylesheet
text/css 2606:4700::6812:1df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unicons.iconscout.com/release/v1.0.0/css/unicons.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8060215a04f5ecb9f4962d8a0250b0d33209a961032c590ef44d719fe17b4eb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
x-amz-version-id: WWE54nS28s98dAz7Vd2bu1yZJ7iAvmjD
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VTGMJY016PZ5NZB3
age: 1438239
cf-polished: origSize=66337
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: duNflw5+070Q7/D83IFENgyfKgzHfb7uYnJOg8sVytlo5Yh23L/64Y1ga8VPeaM5rjeriD1WcWA=
cf-bgj: minify
last-modified: Mon, 10 Feb 2020 07:21:56 GMT
server: cloudflare
etag: W/"a0735eaffd85e42868e15cd1ccecfa1c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
x-amz-meta-fl-original-last-modified: 2019-07-07T06:01:03Z
cf-ray: 8152e402dfe919ad-FRA
expires: Fri, 11 Oct 2024 22:48:29 GMT

GET
H2 200 quill.snow.css
cdn.quilljs.com/1.2.6/ 24 KB
4 KB 55ms
15ms Stylesheet
text/css 2606:4700:3108::ac42:28a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.2.6/quill.snow.css

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 22:22:28 UTC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 346365
etag: W/"9f6624fdd91fb800234c1afe33f6ecbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu%2BFjD5MVizsIQtH4QKn37m%2FYNSSUnB41rAuTCiBgTi9IPVmR6382dp30pRcLNH7MvTv6D5h6Y%2FWyXheSSO5yKfjyYZm87BXl%2BuIkUvusi8QOVTF2AEI%2BCHd0%2FMUFYUsYbkhCoA%2BG9AAva0%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 8152e402ea0a4d25-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
29 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 08:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 08:37:19 GMT

GET
H2 200 remodal.min.js Show response
giveawayheadquarters.com/assets/js/ 21 KB
5 KB 95ms
94ms Script
application/javascript 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/assets/js/remodal.min.js
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:55 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lander.js Show response
giveawayheadquarters.com/assets/js/ 66 KB
14 KB 184ms
183ms Script
application/javascript 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/assets/js/lander.js
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 862c14f98e26c754824f9a6841d0d447086b2d72a83f85d5ca03f82c09292424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:55 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 path-form.css
giveawayheadquarters.com/assets/css/ 191 B
395 B 93ms
92ms Stylesheet
text/css 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/assets/css/path-form.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:29 GMT
last-modified: Fri, 06 Oct 2023 18:00:55 GMT
server: nginx/1.23.1
content-type: text/css
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1643237575704
ppe-userenroll-assets.s3.amazonaws.com/ 7 KB
7 KB 350ms
131ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1643237575704
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3871365de86bff54974b8445829eb5ce9b5802d0c73219eb4a377d3a4154aba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:31 GMT
x-amz-meta-fieldname: image
Last-Modified: Wed, 26 Jan 2022 22:52:56 GMT
Server: AmazonS3
x-amz-request-id: ZTN47E6DBDHENSNV
ETag: "2e1a241a9878c9f823a746c3cc6c7c73"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 6676
x-amz-id-2: u94DB6E7Db/l06HPu5X372n/AWL4FAZdsisYiu2PJbt0sJPvSZTm0LstqvBpIlv043PhbtgU29d5kfgzhkpPVDtJR78wm/JYbSpyEY+HLRc=

GET
H2 200 form.js Show response
madera.api.twyne.io/assets/ 234 KB
235 KB 389ms
180ms Script
text/javascript 3.83.74.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://madera.api.twyne.io/assets/form.js
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.83.74.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-74-132.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a748992338ab53231a5b2730b955e20264cb64b7ea387d7e979bacbffd5a5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
last-modified: Thu, 12 Oct 2023 19:05:39 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 239361
expires: Fri, 11 Oct 2024 19:05:39 GMT

GET
H/1.1 200
OK 1644250205701
ppe-userenroll-assets.s3.amazonaws.com/ 1 KB
2 KB 256ms
100ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1644250205701
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bbaa5817ad3718aecb9be59fa9bd87f795caf075d781ec6c5a84ad11c72d958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:31 GMT
x-amz-meta-fieldname: image
Last-Modified: Mon, 07 Feb 2022 16:10:06 GMT
Server: AmazonS3
x-amz-request-id: ZTN0J504GXQWD3ZF
ETag: "9d5590d34f7bc40a040902caa7ec3f5c"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1441
x-amz-id-2: Z8dSIrDWEq2JA2vsGJMcmmfkEmgZD7jkxpo1fTQUA6xQrmFBw2bPJy9kwGuqDvXvnmMG1t59QqzLAx5y/9YJMj8Y5uvBAQ3OtIqTsNIgceA=

GET
H/1.1 200
OK 1644250219640
ppe-userenroll-assets.s3.amazonaws.com/ 2 KB
2 KB 304ms
119ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1644250219640
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 736485ce01bed1915d399dcd5e201b8229b238c96b36edf52d7a37a386cf72f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:31 GMT
x-amz-meta-fieldname: image
Last-Modified: Mon, 07 Feb 2022 16:10:20 GMT
Server: AmazonS3
x-amz-request-id: ZTNASEDG565G75E3
ETag: "a3ffd8e9b52f1a7a7a8f6c76056bcc55"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1830
x-amz-id-2: wlqPcYVipbhEXx7cyyXWKhKosdhI5F2HSsGqEmKN16VOWCjL6MPx4jMUS3EXSNHxhDVlie58zycQusoCFN0EJnseTIbVm+6ryKg+EF8YZ4c=

GET
H/1.1 200
OK 1644250239424
ppe-userenroll-assets.s3.amazonaws.com/ 1 KB
2 KB 300ms
114ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1644250239424
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 590483af34f0f94631c70df478efc09b3ee7660a480a10189a976f28690465a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:31 GMT
x-amz-meta-fieldname: image
Last-Modified: Mon, 07 Feb 2022 16:10:40 GMT
Server: AmazonS3
x-amz-request-id: ZTNC66KJZAACB3WD
ETag: "645e6c83ebf3f599e1304c7dd3cd0aac"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1529
x-amz-id-2: G9V0s1+5yQchjiK/YClsueLZ4do8CR1DJC9jolKLbQWpcvS/DAvhfmp89y8KOLlT/9ZBTmUxuv7CicU0xvCRdriwJ57m6e5amYV1seO/SEY=

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 40ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 308271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mv%2FEZ6zgYV8UJpdSagzf0PC%2F%2BzV8tiVBRKcimCppcJceVXeWTcRZZo7KPhI2oEsLu5MQNkosVl%2B1%2Bmyznlg3XqnE6bBIgteKO1iXTFJWEOljbGTEDzv%2F%2BRRzDMdzkSVitC0g87Vi2HeLqQDvidF05Yv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8152e4040cc34d82-FRA
expires: Tue, 01 Oct 2024 22:48:30 GMT

GET
H2 200 deal.js Show response
giveawayheadquarters.com/themes/giveawayheadquarters/assets/js/ 6 KB
2 KB 94ms
93ms Script
application/javascript 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/js/deal.js
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 9293a3839f8df8ce2ef30ed75244d915ba4db113a835b6e18b48db462b1dd6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:56 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
741 B 43ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3104619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Thu, 22 Jun 2023 11:18:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942e1d-18a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsL%2FtTvmvA4Iw0fb3Vnk8%2BaxA1cP2dlWXvk9CH6M9zK17ryMK3N9hEbaxG7V6zafuPUnoCUhsKIwfO9ThNa3VTQmuGNPZ0kYFNn%2FFfU3QC3LK9kN6l6kkswrufPfQbOiMQWECTelo2sXo43rxEVV8edf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8152e40409809bca-FRA
expires: Tue, 01 Oct 2024 22:48:30 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
1 KB 42ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1212430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYrnJXZaLbsbsPawpNMvTcm0pk0gSAtyq9IV1pMF5SQbRNWgrxspTZhu5VIiwZMcqo7aHBI%2Fuwmp%2F4hViQmLYrcbvLY4a4qIpXO0gGLM8RVDtHQT3ci9mIZogt%2FJBRTtQMihrEf1fbJyKV4Rics570SC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8152e404097f9bca-FRA
expires: Tue, 01 Oct 2024 22:48:30 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 43ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 250649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9283
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf2qr4FauFvLrHj%2FInh5Zl6R1G9IPq8QNsDjqPmMlvKkYBos85UmGamSPdloWEkV2OKdu85OqW161eCM0MB%2BsAdvo2IDqyTqaPD%2FxwSfeMDR%2B98jRcKBL%2FO555V9o01%2FVeuY3Qa7Uix2TtBSdab312am"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8152e404097d9bca-FRA
expires: Tue, 01 Oct 2024 22:48:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
61 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHLJW28

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

111e69b95bf6db78782807989d6a9ba97b029e581a476213319347d2ba4f6773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61553
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 22:05:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Oct 2023 22:48:30 GMT

GET
H2 200 arrow-banner.png
giveawayheadquarters.com/themes/giveawayheadquarters/assets/img/ 2 KB
2 KB 94ms
93ms Image
image/png 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/img/arrow-banner.png
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: dc9188f5e7827164eed0d7a4a9ebe5e39211e350f1d30c1709f740603e2ba904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/themes/giveawayheadquarters/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
last-modified: Fri, 06 Oct 2023 18:00:56 GMT
server: nginx/1.23.1
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1829
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1670613906787
ppe-userenroll-assets.s3.amazonaws.com/ 82 KB
83 KB 295ms
117ms Image
image/png 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1670613906787
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1ff1bde3568d2b35a77cc5210f78021cf6fedf6d9361c1ceae9055656f88df2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:31 GMT
x-amz-meta-fieldname: image
Last-Modified: Fri, 09 Dec 2022 19:25:07 GMT
Server: AmazonS3
x-amz-request-id: ZTNA27JA136A46EC
ETag: "c39ecf7f3f9d8c6c0a057805811ff652"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 84146
x-amz-id-2: vQAtD3OJQ16ybl8CzByEAab+MAwSDETYS3oA5sfWMtA9fdCd2Hhply1Eh3pkRkPVDMz/NBmmLj+g4nb9WGY2nYwFlfm0bId/K8GcC9Nk2Qs=

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 00:00:04 GMT
x-content-type-options: nosniff
age: 514106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 00:00:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 23739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:12:51 GMT

GET
H/1.1 200
OK 1622 Show response
live.r3engage.com/ 5 KB
6 KB 212ms
31ms Script
text/javascript 34.248.165.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/1622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHLJW28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.165.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-165-133.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash: de4740735fa3c7ddb5b85c2dfe8d6d20454849ca83ad0988c98a26fc8f2b363f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:30 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
Connection: keep-alive
X-Powered-By: PHP/7.2.26
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
82 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-23HJN8TRBE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHLJW28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

250434347690ba5153363078f96ad05f61f7d50dc8aa583d63d1900d5f50e17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Oct 2023 22:48:30 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 17ms
17ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=giveawayheadquarters.com%2F&tdp=G-23HJN8TRBE;83422649;1;2;0&z=0

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 50ms
50ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=giveawayheadquarters.com%2F&tdp=G-23HJN8TRBE;83422649;1;2;0&z=0
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 22:48:30 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 30ms
29ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=gtm.init&eid=0&h=Ag&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-23HJN8TRBE&gtm=45je3ab0&_p=1675265655&cid=453714353.1697150910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697150910&sct=1&seg=0&dl=https%3A%2F%2Fgiveawayheadquarters.com%2F&dt=GiveawayHeadquarters&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23HJN8TRBE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 22:48:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveawayheadquarters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 16ms
15ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=gtag.config&eid=1&u=AAAAAAAIAAAAACCAAAE&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 19ms
18ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&e=gtm.init&eid=0&u=AAAAAAAIAAAAACCAAAE&h=Ag&tr=5ccdemoutboundclick.5ccdemdownload.5ccdemvideo.5ccdemsitesearch&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch&z=0

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 17ms
17ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=*&eid=7&u=AAAAAAAIAAAAACCAAAE&h=Ag&epr=1G.2G&z=0

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK r3engage.php Show response
live.r3engage.com/ 15 KB
15 KB 95ms
94ms Script
text/html 34.248.165.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/r3engage.php?r3move=1&r3cache=0&testsess6876=9ca8026611d8341044d6a7cb38c60028&referrer=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1622&s1=&t1=&t2=&t3=
Requested by: Host: live.r3engage.com
URL: https://live.r3engage.com/1622
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.165.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-165-133.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash: 74edd88dbf37760129e4cb92afe07d688d40e0f50408ce56cbaecc91fb664e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Oct 2023 22:48:30 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 animate3.css
d3v6q7097edepm.cloudfront.net/css/ 71 KB
5 KB 37ms
8ms Stylesheet
text/css 2600:9000:225e:a000:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/css/animate3.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a000:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:26:54 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:33:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 66965
etag: W/"6cafe138e48efead0052fcf75e8d7ec1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: VoE3ntwcoliHHMphmcoj1j6R3ogpbWa1ztr-nZz50M6Ld7Mlvm1Mug==

GET
H2 200 font_style.css
d3v6q7097edepm.cloudfront.net/fonts/ 388 B
722 B 35ms
7ms Stylesheet
text/css 2600:9000:225e:a000:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a000:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c889d274343f4c399a643353e1e19e13f924fbbf3161c1f6d91ba6bb40c3fe14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 00:48:57 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jan 2020 16:59:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 79334
etag: "b1aefbe0145794b1b12df477e94590fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 388
x-amz-cf-id: WUMFag4pky2eTFy9npop4WU0pmNL4lMxSgA3Bd1kApndAdMTGT9JWg==

GET
H2 206 1kb.mp3
d3v6q7097edepm.cloudfront.net/mp3/ 1 KB
1 KB 32ms
9ms Media
audio/mp3 2600:9000:225e:a000:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a000:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff

Request headers

Referer: https://giveawayheadquarters.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Oct 2023 06:59:40 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:32:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 56931
etag: "2fab401479fc569b1d333e5c561fa50a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-1151/1152
accept-ranges: bytes
x-amz-cf-id: CH-SE270z7TaoDKmNTq43l323KX0-OV6EfMkx9KqqwafXWY7kfIDYg==
Content-Length: 1152

GET
H2 200 css
fonts.googleapis.com/ 1 KB
607 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One

Requested by

Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3v6q7097edepm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 22:30:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 22:48:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster

Requested by

Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d1ceb3990e7966995593bbf7c48c9d8127666ab8f3ef1e220143ec83f05ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3v6q7097edepm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 22:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 22:48:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
599 B 27ms
26ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,300,600,700

Requested by

Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3v6q7097edepm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 22:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 22:48:30 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false

8 KB
3 KB

150ms
113ms

Script
application/javascript

2600:9000:223d:8000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Server: 2600:9000:223d:8000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a76d88b7b1a45847972eb466049e9cf80efdba8c87b1ade5ba4fbbd683560ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
x-amz-version-id: YdFZ_HTfVRPt8KhmE7xqqw9DhZRwrykq
content-encoding: gzip
last-modified: Mon, 09 Oct 2023 18:29:37 GMT
server: AmazonS3
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"b344d68cffc8ea1db29bf1fd47d218f0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: cxB4EiV0JCk9rnjizAoncohN5jKtvp-ZgqDJqgKVadErmUebaq2Z0Q==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false
date: Thu, 12 Oct 2023 22:48:30 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 45ms
17ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c005e8d08c6760c2cbbf77899d86bf6967d328a6e733b807cbccf73453c54a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
x-amz-version-id: vWYFVBaTDG1jLQMntW2oNYlUM20yL4Wi
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 12 Nov 2021 01:22:24 GMT
server: cloudflare
x-amz-request-id: 39M6E67B7DDA6KHN
age: 1332
etag: W/"cb532b954b1c0bdd8f25f1ffc75a56be"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 8152e4070fc0922b-FRA
x-amz-id-2: MxpiyFiAKEDvNaGyq9GIZJtcDUCpftmiGJ1bgmQPJ354bfIZTMjIKDLdZpj5L8T/cEaziz97n/Q=

GET
H2 200 remodal.min.js Show response
giveawayheadquarters.com/assets/js/ 21 KB
5 KB 94ms
93ms Script
application/javascript 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawayheadquarters.com/assets/js/remodal.min.js
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-218-144.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 18:00:55 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giveawayheadquarters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:17:36 GMT
x-content-type-options: nosniff
age: 16254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:17:36 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 357ms
155ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f5ad8114-5084-47df-ba5c-4cb6350f00f2&_=886793315

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

785b12315132be4a36980d2ad1137795518ad0ed6b4a2b58c165f8d65823a2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 l8empmzekr Show response
trk-keingent.com/scripts/push/script/ 7 KB
3 KB 386ms
358ms Script
application/javascript 2606:4700:e2::ac40:8a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-keingent.com/scripts/push/script/l8empmzekr?url=giveawayheadquarters.com&alturl=/

Requested by

Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e1242115aba8e08755071ae74db3709bd8f499a12c320f4a569bf1db478498

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Oct 2023 22:48:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoegNcVxyqJ4UUK7XZi1OpdFyhf6fSzPDoMogGhCiWO8op9cr4H%2FH0yyCBlcsLIbC56gT8cbyg%2BX1CAPhegyb0H7TOZuQIP%2F%2BIgZMLyLPnZRW54PJNTX%2BEMyxTEkgHhdyme4nPfUaeL19L9Q9Li2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8152e4079f042be8-FRA
expires: 0

GET
H2 200 99d6d327c8c94d8eb669bab366536cde Show response
madera.api.twyne.io//aserving/tk/ Frame 8D40 0
540 B 92ms
92ms Document
text/plain 3.83.74.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://madera.api.twyne.io//aserving/tk/99d6d327c8c94d8eb669bab366536cde
Requested by: Host: madera.api.twyne.io
URL: https://madera.api.twyne.io/assets/form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.83.74.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-74-132.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://giveawayheadquarters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 0
date: Thu, 12 Oct 2023 22:48:30 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 default.css
madera.api.twyne.io//static/css/adserve-default/ 244 B
750 B 92ms
91ms Stylesheet
text/css 3.83.74.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://madera.api.twyne.io//static/css/adserve-default/default.css?version=13.91
Requested by: Host: madera.api.twyne.io
URL: https://madera.api.twyne.io/assets/form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.83.74.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-74-132.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5808bde73645ede892bdd885fbae3e7958e5ac0790f10ffc3878e6669cddc5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
last-modified: Mon, 19 Jul 2021 13:52:04 GMT
server: Microsoft-IIS/10.0
etag: "09a6f41a57cd71:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 244

GET
H/1.1

200
OK

master.css
cdn.twyne.io/madera/src/111/427/desktop/
Redirect Chain

https://madera.api.twyne.io//link/css/111/427/master/false
https://cdn.twyne.io/madera/src/111/427/desktop/master.css

44 KB
44 KB

59ms
20ms

Stylesheet
text/css

13.32.121.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.twyne.io/madera/src/111/427/desktop/master.css
Requested by: Host: giveawayheadquarters.com
URL: https://giveawayheadquarters.com/
Protocol: HTTP/1.1
Server: 13.32.121.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83eab92cb0898589e54c50ff779dc7b9883d1e247117069c21e7007b8bcd28fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:47:00 GMT
Via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Feb 2023 16:08:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
Age: 91
ETag: "332cf82696076fa9cbaebb13322a347c"
x-amz-meta-type: text/css
Content-Type: text/css
X-Cache: Hit from cloudfront
x-amz-meta-filename
Connection: keep-alive
x-amz-meta-size: 43.79 KB
Content-Length: 44844
X-Amz-Cf-Id: EiN8z93DnK_1xfJ-MNZq7KZiCUlXB9zwl5gSQsWyg7Xn_1S0RkZ63g==

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 22:48:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
location: https://cdn.twyne.io/madera/src/111/427/desktop/master.css
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 index Show response
madera.api.twyne.io//aserving/ 37 B
620 B 215ms
215ms Script
text/javascript 3.83.74.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://madera.api.twyne.io//aserving/index?pid=111&sid=427&first=&last=&email=&address1=&address2=&city=&gender=&state=&zip=&phone=&dob=%2F%2F&istest=n&externalgroup=Hokbm-BRq1Uou-wu-DDq&country=US&subid1=1439-&subid2=&twid=99d6d327c8c94d8eb669bab366536cde&domainUrl=https%3A%2F%2Fgiveawayheadquarters.com%2F&optout=false
Requested by: Host: madera.api.twyne.io
URL: https://madera.api.twyne.io/assets/form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.83.74.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-74-132.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5194fc85988fb4e6000db4a1e942100374a9de7ba3e6d716a114d99e157ebbc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 22:48:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: no-cache
content-length: 37
expires: -1

POST
H2 200 submit Show response
giveawayheadquarters.com/api/session/ 31 KB
10 KB 154ms
153ms XHR
application/json 34.206.218.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://giveawayheadquarters.com/api/session/submit

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.206.218.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-218-144.compute-1.amazonaws.com

Software

nginx/1.23.1 / Express

Resource Hash

c6bd929bdc6a4988e364bb0345d3419e5be6c35af902bae7f0af4abb033d189b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://giveawayheadquarters.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 12 Oct 2023 22:48:30 GMT
content-encoding: gzip
server: nginx/1.23.1
x-powered-by: Express
etag: W/"7cda-QX9cv8fsq97atOWdJQrc2TX7TCk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 234B 3 KB
2 KB 46ms
8ms Document
text/html 13.32.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-225.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 60548
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 12 Oct 2023 05:59:22 GMT
ETag: W/"64d2bf08-dbb"
Last-Modified: Tue, 08 Aug 2023 22:17:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
X-Amz-Cf-Id: BM2aLHMirwJy53n8qsCNtufiHfFZBhOlUG1JH_Y6c5UTXspzOJ_hFA==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 94ms
94ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=f5ad8114-5084-47df-ba5c-4cb6350f00f2&token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&_=886793316

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 175ms
174ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=f5ad8114-5084-47df-ba5c-4cb6350f00f2&token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&_=886793317

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 196D 4 KB
2 KB 301ms
90ms Document
text/html 44.209.230.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.230.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-230-36.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Thu, 12 Oct 2023 22:48:31 GMT
etag: W/"651c88fc-1049"
expires: Fri, 13 Oct 2023 22:48:31 GMT
last-modified: Tue, 03 Oct 2023 21:34:52 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 196D 0
626 B 278ms
95ms Script
text/javascript 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&methods=48&token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&uuid=fe113a489df747aa9a05fb6bc7cd95e2

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 373ms
191ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=f5ad8114-5084-47df-ba5c-4cb6350f00f2&token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&_=886793318

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 274ms
92ms XHR
application/json 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 85462ef95a6f1dfe1a03cd25bcd099430aa2d56f940e146f16705e11811a8e36

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 22:48:31 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.9.3.js Show response
cdn.trustedform.com/ 84 KB
33 KB 13ms
12ms Script
application/javascript 2600:9000:223d:8000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16971509105290.5668088648114182&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:8000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec3dba88e0b5374439c23448ca4d34a999e9f08bcaa5e44f058397201fb6b4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 7O5V6jq2s2Z07whTQpyrcP1MCTtgwEP.
content-encoding: gzip
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
date: Thu, 12 Oct 2023 22:48:02 GMT
last-modified: Mon, 09 Oct 2023 18:29:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 30
etag: W/"02936930bfbc8e968a050052f7ee268b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G90TGIpVgLSD3fu029Kj9QhDYeFT4ckO31qwc8CeLLJDsd_gz1VPfQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/ 0
159 B 183ms
182ms XHR
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 12 Oct 2023 22:48:32 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/ 0
159 B 179ms
178ms XHR
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 12 Oct 2023 22:48:32 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H/1.1 200
OK 1643237575704
ppe-userenroll-assets.s3.amazonaws.com/ 7 KB
7 KB 103ms
102ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1643237575704
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3871365de86bff54974b8445829eb5ce9b5802d0c73219eb4a377d3a4154aba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:32 GMT
x-amz-meta-fieldname: image
Last-Modified: Wed, 26 Jan 2022 22:52:56 GMT
Server: AmazonS3
x-amz-request-id: HAARH0BJ4T85WY1P
ETag: "2e1a241a9878c9f823a746c3cc6c7c73"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 6676
x-amz-id-2: O1L+nm/xx0kwALqEPRHPRnzq7ZfLKKVB6STn2ZYWXp1FFu5bnym9XNF95mwNM1lkp0ApWmGrC5QqQGukp4vvm8WyGRvRpIhgxeZ2Apo8AL0=

GET
H/1.1 200
OK 1644250205701
ppe-userenroll-assets.s3.amazonaws.com/ 1 KB
2 KB 103ms
102ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1644250205701
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bbaa5817ad3718aecb9be59fa9bd87f795caf075d781ec6c5a84ad11c72d958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:32 GMT
x-amz-meta-fieldname: image
Last-Modified: Mon, 07 Feb 2022 16:10:06 GMT
Server: AmazonS3
x-amz-request-id: HAAN96Z6WV290ZJQ
ETag: "9d5590d34f7bc40a040902caa7ec3f5c"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1441
x-amz-id-2: uFimLbdX1pX85CCtbYPhBcait3/sHT9nV+HimpNWCq0vu6J+mIBxxyOPYyEHAIgDdq1LakHu+3lFkGIeXhWk4XkHdpJytZ4TTxtsHVcIeoA=

GET
H/1.1 200
OK 1644250219640
ppe-userenroll-assets.s3.amazonaws.com/ 2 KB
2 KB 103ms
102ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1644250219640
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 736485ce01bed1915d399dcd5e201b8229b238c96b36edf52d7a37a386cf72f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:32 GMT
x-amz-meta-fieldname: image
Last-Modified: Mon, 07 Feb 2022 16:10:20 GMT
Server: AmazonS3
x-amz-request-id: HAAKQJXD0KXN89CP
ETag: "a3ffd8e9b52f1a7a7a8f6c76056bcc55"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1830
x-amz-id-2: gsoxHRCldRNba0lLj0iMDvZTARl9D47YiVwHHRFmcmM/Nc2WuxM4eGpqCAWuJ7pj2JzMgzaQN0xRpB6LMC9z7LEoNMNSy7/2wAMYHN3avGE=

GET
H/1.1 200
OK 1644250239424
ppe-userenroll-assets.s3.amazonaws.com/ 1 KB
2 KB 101ms
101ms Image
application/octet-stream 3.5.29.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1644250239424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 590483af34f0f94631c70df478efc09b3ee7660a480a10189a976f28690465a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:48:32 GMT
x-amz-meta-fieldname: image
Last-Modified: Mon, 07 Feb 2022 16:10:40 GMT
Server: AmazonS3
x-amz-request-id: HAAH7QTNY4HH5EVK
ETag: "645e6c83ebf3f599e1304c7dd3cd0aac"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1529
x-amz-id-2: Iu5VvzX/IY24Vz+DMDIuoq3W+PUwIR6gdVD4Y4qJXQRM40rJROXx65LwDfztxsEmKnr1eD1fg6DT7l0Rh6h/Jb9dLKXKUhq/qV7QyYF27es=

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 206 1kb.mp3
d3v6q7097edepm.cloudfront.net/mp3/ 1 KB
1 KB 8ms
8ms Media
audio/mp3 2600:9000:225e:a000:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a000:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff

Request headers

Referer: https://giveawayheadquarters.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Oct 2023 06:59:40 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:32:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 56932
etag: "2fab401479fc569b1d333e5c561fa50a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-1151/1152
accept-ranges: bytes
x-amz-cf-id: JcUyzaDgsbCT3Maro-eyKAH4k7k5RQBH_t7f8BtJoqbZcroSjO52nA==
Content-Length: 1152

POST
H2 204 events
api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/ 0
159 B 92ms
92ms Ping
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 12 Oct 2023 22:48:31 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 w9glr0w6g2
event.trk-keingent.com/register/event_log/ 0
0 101ms
100ms Fetch 2606:4700:e2::ac40:8a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-keingent.com/register/event_log/w9glr0w6g2

Requested by

Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/l8empmzekr?url=giveawayheadquarters.com&alturl=/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 12 Oct 2023 22:48:32 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNqpIB8fjcZTjxHgVIWg%2FBhLVYgp2IUMs%2FSX2K5Eag%2FhgtE5HX6%2Fw945GZ1Oyn6VFwAqo%2FGQUQRXf%2B4PQqokI6tW1eedNqPhb2XAws7yMxmu0JG%2B31GrhytqnniYhXkQ5cCU%2FNPIBARZ%2ByHb%2BIiurfXwFcH%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8152e41148ab65dd-FRA
x-pushplatformapp-params

OPTIONS
H2 200 w9glr0w6g2
event.trk-keingent.com/register/event_log/ Frame 0
0 129ms
99ms Preflight 2606:4700:e2::ac40:8a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-keingent.com/register/event_log/w9glr0w6g2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://giveawayheadquarters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8152e410a82f65dd-FRA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
date: Thu, 12 Oct 2023 22:48:32 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF4AJ7HqsLmoIFJkHQ8Qu5O9x1vHE95vuanZcPt1Xi2lYCAo2fMafr7%2BVC0hLs6DxAho5U1YqpGgGiItUbyfCw6ga%2Fzw3bXf8FNpS8Jp0nsHkD06LaJFfOLIl%2FU5znmhYq5tGtC5IHHSdr48tceptuAfjQ44"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 200 w9glr0w6g2
event.trk-keingent.com/register/event_log/ Frame 0
0 383ms
354ms Preflight 2606:4700:e2::ac40:8a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-keingent.com/register/event_log/w9glr0w6g2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://giveawayheadquarters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8152e410a82d65dd-FRA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
date: Thu, 12 Oct 2023 22:48:32 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjVf5y%2FCzAaSP6HIx9HIVEsMtzCcE7ekSq34wUTVRP5cHDAn%2BaY5CLC57y1wIWDGu9OFt%2Fo6tgeSPL%2F8JRuRti9Gw50ZZJDvdmF8xP2IBR806K1YYdAlCMxERZjhWGwo2QDqCg0X8UqmiiQNxCnnwpJVE4rY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 w9glr0w6g2
event.trk-keingent.com/register/event_log/ 0
0 364ms
363ms Fetch 2606:4700:e2::ac40:8a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-keingent.com/register/event_log/w9glr0w6g2

Requested by

Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/l8empmzekr?url=giveawayheadquarters.com&alturl=/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e2::ac40:8a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 12 Oct 2023 22:48:32 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC2wSLp0LiRCPbp%2Bxy5rox%2FQqGWtxBrcJWlioOas1Sd3VbjMkBo33qFKQdDnDeRaCVXb%2BSc5424V3JMN4tTQDocd7R11ZdkPKose%2FgvSxTDxDTKVuDYk08m4vtKUusdnB4IWPtjNx2F4vsnoyngj7Txe8P8h"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8152e412e9fc3738-FRA
x-pushplatformapp-params

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 15ms
14ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=gtm.load&eid=9&u=AgAAAAAIAAAAACCAAAE&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:32 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 95ms
95ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=f5ad8114-5084-47df-ba5c-4cb6350f00f2&token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&_=886793319

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 22:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 96ms
96ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=f5ad8114-5084-47df-ba5c-4cb6350f00f2&token=9D0542CE-11B5-CC80-0490-F70AD19EEEA9&_=886793320

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Oct 2023 22:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/ 0
159 B 93ms
93ms XHR
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3822f3c6a60a484028b5b9d88ee1d9cbfd3802c0/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://giveawayheadquarters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 12 Oct 2023 22:48:32 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 20ms
19ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-23HJN8TRBE&v=3&t=t&pid=1125363824&cv=1&rv=3ab0&tc=10&es=1&e=gtm.historyChange-v2&eid=10&u=AgAAAAAIAAAAACCAAAE&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:48:32 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-23HJN8TRBE&gtm=45je3ab0&_p=1675265655&cid=453714353.1697150910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697150910&sct=1&seg=0&dl=https%3A%2F%2Fgiveawayheadquarters.com%2F&dt=GiveawayHeadquarters&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23HJN8TRBE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giveawayheadquarters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 22:48:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveawayheadquarters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
giveawayheadquarters.com/	1970-01-21 00:11:26	Name: _psession Value: 4837a873-f53d-4ce5-9125-d69aa563f934
.giveawayheadquarters.com/	1970-01-21 01:01:50	Name: _ga Value: GA1.1.453714353.1697150910
.giveawayheadquarters.com/	1970-01-21 01:01:50	Name: _ga_23HJN8TRBE Value: GS1.1.1697150910.1.0.1697150910.0.0.0
.giveawayheadquarters.com/	1970-01-20 16:10:36	Name: r3sess6876 Value: 9ca8026611d8341044d6a7cb38c60028
.giveawayheadquarters.com/	1970-01-21 00:13:00	Name: R3_SESSID_JS Value: 9ca8026611d8341044d6a7cb38c60028
madera.api.twyne.io/	1970-01-20 15:35:55	Name: AWSALBCORS Value: 9Ik9xn/6Tdi5Du+Kdq8xT5Y/8XZOTlO4/I1gaw/FdM7QqTJkW7YjEnOtNlzt6TBW/gfzG3mNY4dpGRERjEvPt/4bmniLxr0gokVVMN1FrrjQMo8M2nPuB7xS+OKu
giveawayheadquarters.com/	1970-01-20 15:25:51	Name: leadid_token-934E3705-AE01-D5F3-9E2B-B9A54E634C7A-CBBC58D7-CA44-C52F-1907-DC09FB320ED4 Value: 9D0542CE-11B5-CC80-0490-F70AD19EEEA9
.deviceid.trueleadid.com/	1970-01-21 01:01:50	Name: uuid Value: fe113a489df747aa9a05fb6bc7cd95e2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://giveawayheadquarters.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.quilljs.com
cdn.trustedform.com
cdn.twyne.io
cdnjs.cloudflare.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d3v6q7097edepm.cloudfront.net
deviceid.trueleadid.com
event.trk-keingent.com
fonts.googleapis.com
fonts.gstatic.com
giveawayheadquarters.com
live.r3engage.com
madera.api.twyne.io
ppe-userenroll-assets.s3.amazonaws.com
region1.google-analytics.com
trk-keingent.com
unicons.iconscout.com
use.fontawesome.com
www.googletagmanager.com
13.32.121.28
13.32.23.225
2001:4860:4802:32::36
2600:9000:223d:8000:1c:7f1a:6680:93a1
2600:9000:225e:a000:13:7c59:6e80:21
2606:4700:10::ac43:29e5
2606:4700:3108::ac42:28a9
2606:4700::6811:190e
2606:4700::6812:1df3
2606:4700:e0::ac40:670b
2606:4700:e2::ac40:8a07
2a00:1450:4001:80b::200a
2a00:1450:4001:811::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:82b::2003
3.211.188.32
3.211.97.59
3.5.29.190
3.83.74.132
34.206.218.144
34.248.165.133
44.209.230.36
44.210.169.31
0a748992338ab53231a5b2730b955e20264cb64b7ea387d7e979bacbffd5a5de
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
111e69b95bf6db78782807989d6a9ba97b029e581a476213319347d2ba4f6773
1ff1bde3568d2b35a77cc5210f78021cf6fedf6d9361c1ceae9055656f88df2f
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
250434347690ba5153363078f96ad05f61f7d50dc8aa583d63d1900d5f50e17d
29c17d9a054ea30febd213f03ec71a5b5fad931a5655d2c6af497a18899b84b2
3871365de86bff54974b8445829eb5ce9b5802d0c73219eb4a377d3a4154aba1
3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4a76d88b7b1a45847972eb466049e9cf80efdba8c87b1ade5ba4fbbd683560ad
4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5194fc85988fb4e6000db4a1e942100374a9de7ba3e6d716a114d99e157ebbc2
5808bde73645ede892bdd885fbae3e7958e5ac0790f10ffc3878e6669cddc5ac
590483af34f0f94631c70df478efc09b3ee7660a480a10189a976f28690465a5
5bbaa5817ad3718aecb9be59fa9bd87f795caf075d781ec6c5a84ad11c72d958
5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
736485ce01bed1915d399dcd5e201b8229b238c96b36edf52d7a37a386cf72f1
744eb866148e7a1c5d7fa74f140e40bd17fb1f0e53126b5bafad0e5cd77f66cb
74edd88dbf37760129e4cb92afe07d688d40e0f50408ce56cbaecc91fb664e4a
77d1ceb3990e7966995593bbf7c48c9d8127666ab8f3ef1e220143ec83f05ae6
785b12315132be4a36980d2ad1137795518ad0ed6b4a2b58c165f8d65823a2e8
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8060215a04f5ecb9f4962d8a0250b0d33209a961032c590ef44d719fe17b4eb3
83eab92cb0898589e54c50ff779dc7b9883d1e247117069c21e7007b8bcd28fa
85462ef95a6f1dfe1a03cd25bcd099430aa2d56f940e146f16705e11811a8e36
862c14f98e26c754824f9a6841d0d447086b2d72a83f85d5ca03f82c09292424
88c005e8d08c6760c2cbbf77899d86bf6967d328a6e733b807cbccf73453c54a
9293a3839f8df8ce2ef30ed75244d915ba4db113a835b6e18b48db462b1dd6da
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87
c6bd929bdc6a4988e364bb0345d3419e5be6c35af902bae7f0af4abb033d189b
c7e1242115aba8e08755071ae74db3709bd8f499a12c320f4a569bf1db478498
c889d274343f4c399a643353e1e19e13f924fbbf3161c1f6d91ba6bb40c3fe14
d0d98234577192702f3e5ce17fca3d7e5f5a8104da1af8095d235fbd6d49ce74
d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
dc9188f5e7827164eed0d7a4a9ebe5e39211e350f1d30c1709f740603e2ba904
de4740735fa3c7ddb5b85c2dfe8d6d20454849ca83ad0988c98a26fc8f2b363f
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f8c318b76ed2d33cc6fb467a86c4990c36319a2f049e96f5778014cb879886
e6d573b7daafdee530dc4204ffb40f9bd192b3f65ed11a0bf02b18b909bca8a8
ec3dba88e0b5374439c23448ca4d34a999e9f08bcaa5e44f058397201fb6b4fa
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

giveawayheadquarters.com Open in urlscan Pro 34.206.218.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

98 %HTTPS

57 %IPv6

18 Domains

23 Subdomains

23 IPs

3 Countries

913 kBTransfer

2035 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

giveawayheadquarters.com Open in urlscan Pro
34.206.218.144 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

98 %
HTTPS

57 %
IPv6

18
Domains

23
Subdomains

23
IPs

3
Countries

913 kB
Transfer

2035 kB
Size

8
Cookies

81 HTTP transactions
1 data transactions