URL: https://hid.gcwinner.com/
Submission: On January 23 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 country across 8 domains to perform 46 HTTP transactions. The main IP is 162.0.235.221, located in the United States and belonging to NAMECHEAP-NET, US. The main domain is hid.gcwinner.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure Server CA on July 23rd 2022. Valid for: a year. Note that the validity window of this crt.sh record (2022-07-23 to 2023-07-23) ended before the scan date of January 23, 2024, while the transaction log below shows a TLS 1.3 session being negotiated with the host; the certificate actually presented to the scanner may therefore be a newer one than the logged record and should be checked directly rather than assumed from this table.
This is the only time hid.gcwinner.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Indicators visible in this scan that support the verdict: the page title is "Survey Rewards" and the outbound link listed below goes to v1-dewalt.reward-depot.com; every front-end asset is served from /Survey%20Rewards_files/ with the .js.download names a browser's "save complete web page" function produces, which points to a cloned landing page (those scripts come back as application/octet-stream with no X-Content-Type-Options: nosniff header, so browsers execute them regardless); and the page fires third-party pixel and tracking requests to facebook.net, facebook.com, snapchat.com, sc-static.net, tapad.com, mgid.com and trk-tempore.com.

Domain & IP information

Requests  IP Address         AS (Autonomous System)
29        162.0.235.221      22612 (NAMECHEAP...)
1         2606:4700:303...   13335 (CLOUDFLAR...)
2         2a03:2880:f00...   32934 (FACEBOOK)
2         54.230.48.245      16509 (AMAZON-02)
2         2606:4700:1::...   13335 (CLOUDFLAR...)
1 7       35.190.43.134      15169 (GOOGLE)
2         2a03:2880:f10...   32934 (FACEBOOK)
2         2606:4700:303...   13335 (CLOUDFLAR...)
2 2       34.111.113.62      396982 (GOOGLE-CL...)
Total: 46 requests, 8 IPs (counts shown as on the original table)
Requests  Apex Domain       Subdomains                                         Transfer
29        gcwinner.com      hid.gcwinner.com                                   1 MB
7         snapchat.com      tr.snapchat.com (Cisco Umbrella Rank: 922),        2 KB
                            tr6.snapchat.com (Cisco Umbrella Rank: 1368)
3         trk-tempore.com   trk-tempore.com, event.trk-tempore.com             3 KB
2         tapad.com         pixel.tapad.com (Cisco Umbrella Rank: 501)         1 KB
2         facebook.com      www.facebook.com (Cisco Umbrella Rank: 107)        216 B
2         mgid.com          a.mgid.com (Cisco Umbrella Rank: 12954)            5 KB
2         sc-static.net     sc-static.net (Cisco Umbrella Rank: 1260)          36 KB
2         facebook.net      connect.facebook.net (Cisco Umbrella Rank: 174)    68 KB
Total: 46 requests, 8 apex domains
Requests  Domain                  Requested by
29        hid.gcwinner.com        hid.gcwinner.com
6         tr.snapchat.com         1 redirect, sc-static.net
2         pixel.tapad.com         2 redirects
2         event.trk-tempore.com   hid.gcwinner.com
2         www.facebook.com        hid.gcwinner.com
2         a.mgid.com              hid.gcwinner.com
2         sc-static.net           hid.gcwinner.com, tr.snapchat.com
2         connect.facebook.net    hid.gcwinner.com, connect.facebook.net
1         tr6.snapchat.com        sc-static.net
1         trk-tempore.com         hid.gcwinner.com
Total: 46 requests, 10 subdomains

This site contains links to these domains:

  • v1-dewalt.reward-depot.com
Subject                 Issuer                                           Validity                  Valid for
hid.gcwinner.com        Sectigo RSA Domain Validation Secure Server CA   2022-07-23 - 2023-07-23   a year
trk-tempore.com         E1                                               2023-12-28 - 2024-03-27   3 months
*.facebook.com          DigiCert SHA2 High Assurance Server CA           2023-11-02 - 2024-01-31   3 months
sc-static.net           Amazon RSA 2048 M03                              2023-12-21 - 2025-01-18   a year
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                          2023-04-11 - 2024-04-10   a year
*.snap.com              DigiCert Global G2 TLS RSA SHA256 2020 CA1       2023-04-13 - 2024-04-12   a year
(each row is taken from the certificate's crt.sh record)

This page contains 3 frames:

Primary Page: https://hid.gcwinner.com/
Frame ID: B7C70E0F7AB548DDF913148443FA6A21
Requests: 42 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&u_scsid=9716a396-2158-45b1-a0f3-f6d46058b9ae&u_sclid=a08c29e1-39a9-44a1-b45d-d379da350c38
Frame ID: 0969B41520C7E4506991566E6811D42B
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140&pcid=1745834f-846b-4069-8dc5-38ef5e278b16
Frame ID: BDE2381BF8C2810097D3768D5F8E66CE
Requests: 1 HTTP requests in this frame

Page Title

Survey Rewards

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 46
HTTPS: 37 %
IPv6: 56 %
Domains: 8
Subdomains: 10
IPs: 8
Countries: 1
Transfer: 1145 kB
Size: 1442 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1706043762338&u_scsid=2de5f57f-4be3-4b65-b7e2-208df46efbd0&u_sclid=a8806405-9269-4f42-b397-24ab3ce1374c HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706036338143%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706036338143%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140&pcid=1745834f-846b-4069-8dc5-38ef5e278b16
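The chain above is a cookie-sync (ID-sync) handshake: the Snapchat pixel hands off to Tapad with a partner_url template containing a ${TA_DEVICE_ID} macro, and Tapad bounces back to Snapchat with the macro filled in, so both parties end up holding each other's identifier for this browser. The Python below is an added example, not code from urlscan.io or from the scanned site; the four URLs are copied from Request Chain 42, while the parsing logic (analyze_chain, match_template, the ${NAME} macro pattern) is an assumption of mine about how such templates are written. It recovers the template, names the macro, and verifies that the final hop is exactly the template with the macro substituted, which is what lets the returned device identifier be extracted with confidence rather than guessed from the last URL.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Redirect chain copied from 'Request Chain 42' above: (URL, HTTP status as logged).
# The final hop's status is not shown on the page, hence None.
CHAIN = [
    ("https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1706043762338"
     "&u_scsid=2de5f57f-4be3-4b65-b7e2-208df46efbd0"
     "&u_sclid=a8806405-9269-4f42-b397-24ab3ce1374c", 302),
    ("https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url="
     "https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706036338143"
     "%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D", 302),
    ("https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url="
     "https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706036338143"
     "%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D", 302),
    ("https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140"
     "&pcid=1745834f-846b-4069-8dc5-38ef5e278b16", None),
]

# Ad-tech macro syntax as seen in the chain, ${NAME}; the general form is assumed.
MACRO_RE = re.compile(r"\$\{([A-Z0-9_]+)\}")


def query(url):
    """Query string as a flat dict; parse_qs does the percent-decoding."""
    return {k: v[-1] for k, v in parse_qs(urlsplit(url).query).items()}


def match_template(template, url):
    """Compile the partner template into a regex in which each ${MACRO} becomes
    a named capture group, and return the captured values if url was produced
    from that template, else None."""
    pattern, pos = "", 0
    for m in MACRO_RE.finditer(template):
        pattern += re.escape(template[pos:m.start()])
        pattern += "(?P<%s>[^&]+)" % m.group(1)
        pos = m.end()
    pattern += re.escape(template[pos:])
    m = re.fullmatch(pattern, url)
    return m.groupdict() if m else None


def analyze_chain(chain):
    """Walk the chain and report which hosts took part, which identifiers the
    first hop carried in, which callback template the sync partner received,
    and what the partner substituted into it on the way back."""
    hosts = [urlsplit(u).netloc for u, _ in chain]
    first = query(chain[0][0])
    template = partner_id = None
    for url, _ in chain:
        q = query(url)
        if "partner_url" in q:
            template, partner_id = q["partner_url"], q.get("partner_id")
            break
    macros = MACRO_RE.findall(template) if template else []
    substituted = match_template(template, chain[-1][0]) if template else None
    return {
        "hosts": hosts,
        "statuses": [s for _, s in chain],
        "ids_in": {k: v for k, v in first.items() if k.startswith("u_") or k == "pnid"},
        "partner_id": partner_id,
        "template": template,
        "macros": macros,
        "substituted": substituted,
    }


if __name__ == "__main__":
    for key, value in analyze_chain(CHAIN).items():
        print(f"{key}: {value}")
```

Matching the final hop against the template, rather than just reading its pcid parameter, is what distinguishes a completed sync from a partner that redirected somewhere else or left the macro unfilled; a chain where match_template returns None deserves a closer look.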

46 HTTP transactions

Each entry below lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type (where urlscan captured it), followed by the General details, request headers and response headers of that transaction.
Primary Request /
hid.gcwinner.com/
38 KB
7 KB
Document
General
Full URL
https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
129236a5b2929fee5883fcf0a0ad3d11e78412845f7289c62291c5e3671a1f1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
7301
content-type
text/html
date
Tue, 23 Jan 2024 21:02:40 GMT
last-modified
Thu, 18 Aug 2022 20:38:46 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
mgsensor.js.download
hid.gcwinner.com/Survey%20Rewards_files/
15 KB
15 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/mgsensor.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
15704
content-type
application/octet-stream
scevent.min.js.download
hid.gcwinner.com/Survey%20Rewards_files/
18 KB
18 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/scevent.min.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
18150
content-type
application/octet-stream
399694290689525
hid.gcwinner.com/Survey%20Rewards_files/
305 KB
306 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/399694290689525
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
312521
fbevents.js.download
hid.gcwinner.com/Survey%20Rewards_files/
99 KB
99 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/fbevents.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
101524
content-type
application/octet-stream
jquery.min.js.download
hid.gcwinner.com/Survey%20Rewards_files/
87 KB
88 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/jquery.min.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
89476
content-type
application/octet-stream
styshllcd.css
hid.gcwinner.com/Survey%20Rewards_files/
20 KB
5 KB
Stylesheet
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/styshllcd.css
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
81c3dbc9586969659eaf448aff5a0d29d9baec30d5feb86b9a7164cfe736835e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
content-encoding
br
last-modified
Sun, 10 Jul 2022 03:33:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4805
expires
Tue, 30 Jan 2024 21:02:40 GMT
msg.js.download
hid.gcwinner.com/Survey%20Rewards_files/
941 B
1 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/msg.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
941
content-type
application/octet-stream
v9e118mez8
hid.gcwinner.com/Survey%20Rewards_files/
7 KB
7 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/v9e118mez8
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
6938
fbcode1.js.download
hid.gcwinner.com/Survey%20Rewards_files/
2 KB
2 KB
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/fbcode1.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1715
content-type
application/octet-stream
flaglogo.png
hid.gcwinner.com/Survey%20Rewards_files/
2 KB
2 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/flaglogo.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1781
expires
Tue, 30 Jan 2024 21:02:40 GMT
giftcard.png
hid.gcwinner.com/Survey%20Rewards_files/
142 KB
142 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/giftcard.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b86a268f6499796b7be385ba7c45dcb4b9b07417f64e4872494131b4f737a580

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:40 GMT
last-modified
Sun, 10 Jul 2022 05:09:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
145297
expires
Tue, 30 Jan 2024 21:02:40 GMT
loading.gif
hid.gcwinner.com/Survey%20Rewards_files/
1 KB
2 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/loading.gif
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1457
expires
Tue, 30 Jan 2024 21:02:41 GMT
fb-check.jpg
hid.gcwinner.com/Survey%20Rewards_files/
646 B
847 B
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/fb-check.jpg
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
646
expires
Tue, 30 Jan 2024 21:02:41 GMT
carty.png
hid.gcwinner.com/Survey%20Rewards_files/
4 KB
4 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/carty.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
e56636edb3521e167a84d2489deec01084b62eb67bed2101b3db7fc1a73e8539

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3976
expires
Tue, 30 Jan 2024 21:02:41 GMT
cartblack.png
hid.gcwinner.com/Survey%20Rewards_files/
1 KB
1 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/cartblack.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
bb640067b5d233f221c2a280bb5be089cc087a872941ae5f588f8230b60bee40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1031
expires
Tue, 30 Jan 2024 21:02:41 GMT
1.jpg
hid.gcwinner.com/Survey%20Rewards_files/
49 KB
50 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/1.jpg
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
316a6975de3078b71f6d0c0f92ac22b0f4586e6d048ed7808339e6b5e3cface2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:18 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
50556
expires
Tue, 30 Jan 2024 21:02:41 GMT
like.png
hid.gcwinner.com/Survey%20Rewards_files/
51 KB
51 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/like.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
3dc08e38fdf43aacbddfd66aa1296477ca8debc634f4d046b968bef1f1422ec0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
52462
expires
Tue, 30 Jan 2024 21:02:41 GMT
heart.png
hid.gcwinner.com/Survey%20Rewards_files/
2 KB
2 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/heart.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
7ca149b3cceff96e46271c81bc29cb4ecc52e44ee015e539a67dbdc55a41b90a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1649
expires
Tue, 30 Jan 2024 21:02:41 GMT
2.jpg
hid.gcwinner.com/Survey%20Rewards_files/
53 KB
53 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/2.jpg
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
63538636408d694425020b341235e224b91a191cd704704649e00b970c91bdf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
54538
expires
Tue, 30 Jan 2024 21:02:41 GMT
yay.png
hid.gcwinner.com/Survey%20Rewards_files/
3 KB
4 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/yay.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
89c620db5c942f519d01f1fb1a8af66d054e0389e325540158c60b7a1bd3fe33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3539
expires
Tue, 30 Jan 2024 21:02:41 GMT
3.jpg
hid.gcwinner.com/Survey%20Rewards_files/
48 KB
48 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/3.jpg
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
59cc1d4bffd1ff0dc79947be1723f97ab0e32018791c0981b096cd2b60351231

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
48729
expires
Tue, 30 Jan 2024 21:02:41 GMT
4.jpg
hid.gcwinner.com/Survey%20Rewards_files/
50 KB
51 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/4.jpg
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
d8c52e741d2269191bf4d7350e1b46ce419515da20bfee8a7230561862027269

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
51660
expires
Tue, 30 Jan 2024 21:02:41 GMT
wow.png
hid.gcwinner.com/Survey%20Rewards_files/
2 KB
2 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/wow.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
ba1ca1f5946be5d7901bc3167808211a24036f1a0a56f7dafcc2aaca0c8d8ced

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2118
expires
Tue, 30 Jan 2024 21:02:41 GMT
5.jpg
hid.gcwinner.com/Survey%20Rewards_files/
46 KB
46 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/5.jpg
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c3401ff0b047bd896a0f6e22c032b6b5d01bf6e18381db39d5ed3678fc913cab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:20 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
47307
expires
Tue, 30 Jan 2024 21:02:41 GMT
f_guarantee.png
hid.gcwinner.com/Survey%20Rewards_files/
6 KB
6 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/f_guarantee.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6352
expires
Tue, 30 Jan 2024 21:02:41 GMT
f_secure_1.png
hid.gcwinner.com/Survey%20Rewards_files/
10 KB
10 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/f_secure_1.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Wed, 18 May 2022 15:37:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
9862
expires
Tue, 30 Jan 2024 21:02:41 GMT
timer.js.download
hid.gcwinner.com/Survey%20Rewards_files/
642 B
802 B
Script
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/timer.js.download
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
6654bb37eb080d19cee41ebae557b061ae412aac957d32d248e6daab287cd128

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Wed, 18 May 2022 15:37:22 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
642
content-type
application/octet-stream
logo.png
hid.gcwinner.com/Survey%20Rewards_files/
7 KB
7 KB
Image
General
Full URL
https://hid.gcwinner.com/Survey%20Rewards_files/logo.png
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.221 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium157-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
266224e66870855ba8874aa0f508169294bf3d3b04a0dc006e1525baf2cd96e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
last-modified
Mon, 11 Jul 2022 13:44:27 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
7338
expires
Tue, 30 Jan 2024 21:02:41 GMT
v9e118mez8
trk-tempore.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-tempore.com/scripts/push/v9e118mez8
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/Survey%20Rewards_files/msg.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d1bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9e1fe5789735b5ed1e30b4c2241e3bf78c3546ca0bf61c64a6527cc1bfdf94
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 23 Jan 2024 21:02:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2r74RRVnMAR%2FQfFjG6qEdePWZ%2BZiPb4G5rLTvjd4MuwDSmUb8t%2FZIM5qZNw%2Bx35fNcHyRO%2FY%2F64JScyLYFpx4OuTjovw889QuU7I6WWbuMMlAZx23R1BewfsffCYRO9ts9Fz6uNn9o8DMV7gGX0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84a2faa7ef344bc6-BUF
expires
0
fbevents.js
connect.facebook.net/en_US/
213 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/Survey%20Rewards_files/fbcode1.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 21:02:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57021
x-xss-protection
0
pragma
public
x-fb-debug
KnZ+gchX8A1k3HHxuQnxEBYjWkURx1PW9nuP19iZPRqrnFF0FczQEhib7/rnj4d4PJVGt/cmB5fH605NnpKo6g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
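The two Content-Security-Policy headers recorded above (trk-tempore.com's and connect.facebook.net's) both carry 'unsafe-inline' and 'unsafe-eval' in script-src, which is the combination that leaves a policy unable to stop script injection. The following parser and grader is an added example, not urlscan.io's or either site's code: the two policy strings are copied verbatim from the response headers on this page, and the weakness rules are this example's own, written against how browsers apply script-src (a later duplicate directive is ignored, fetch directives fall back to default-src, and 'unsafe-inline' is disregarded once a nonce or hash is present).

```python
"""Parse and grade Content-Security-Policy headers recorded in a scan."""
# Added example, not urlscan.io's or either site's code. CSP_TRK_TEMPORE and
# CSP_FACEBOOK are copied from the response headers listed on this page;
# the findings logic is this example's own heuristics.

CSP_TRK_TEMPORE = (
    "default-src 'self'; frame-src 'self' data:; "
    "connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; "
    "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; "
    "style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; "
    "font-src 'self' data:"
)

CSP_FACEBOOK = (
    "default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net "
    "*.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' "
    "'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;"
    "connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net "
    "wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net "
    "attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';"
    "block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';"
)

HASH_OR_NONCE = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")


def parse_csp(header):
    """Split a serialized policy into {directive: [source expressions]}.

    Directives are ';'-separated and tokens whitespace-separated; the first
    token is the directive name. A directive repeated later in the same
    header is ignored, which is what browsers do.
    """
    policy = {}
    for raw in header.split(";"):
        tokens = raw.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy


def effective_sources(policy, directive):
    """Source list governing `directive`; fetch directives fall back to default-src."""
    if directive in policy:
        return policy[directive]
    return policy.get("default-src")


def script_findings(policy):
    """Weaknesses that stop the policy from mitigating script injection."""
    sources = effective_sources(policy, "script-src")
    if sources is None:
        return ["no script-src and no default-src: script loading is unrestricted"]
    lowered = [s.lower() for s in sources]
    findings = []
    # CSP2+ browsers ignore 'unsafe-inline' when a nonce or hash is also listed.
    if "'unsafe-inline'" in lowered and not any(s.startswith(HASH_OR_NONCE) for s in lowered):
        findings.append("'unsafe-inline' without nonce/hash: injected inline <script> runs")
    if "'unsafe-eval'" in lowered:
        findings.append("'unsafe-eval': eval()/new Function()/string setTimeout allowed")
    if any(s in ("*", "http:", "https:") for s in lowered):
        findings.append("scheme or wildcard source: scripts may load from any host")
    if "data:" in lowered:
        findings.append("data: allowed: <script src=\"data:...\"> executes")
    if "blob:" in lowered:
        findings.append("blob: allowed: attacker-created Blob URLs execute")
    return findings


def grade(header):
    """Parsed directive names plus script-src findings for one header."""
    policy = parse_csp(header)
    return {"directives": sorted(policy), "script_findings": script_findings(policy)}


if __name__ == "__main__":
    for label, header in (("trk-tempore.com", CSP_TRK_TEMPORE), ("connect.facebook.net", CSP_FACEBOOK)):
        print(label)
        for finding in grade(header)["script_findings"]:
            print("  -", finding)
```

Run against the two recorded policies, trk-tempore.com produces two findings ('unsafe-inline', 'unsafe-eval') and connect.facebook.net four (those two plus data: and blob:). The accompanying X-Xss-Protection values (1; mode=block on trk-tempore.com, 0 on Facebook) make no practical difference: Chromium removed its XSS Auditor and Firefox never had one, so only the CSP counts.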
scevent.min.js
sc-static.net/
41 KB
18 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/Survey%20Rewards_files/fbcode1.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-245.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
content-encoding
gzip
via
1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
17883
x-amz-cf-id
bgDjrpe4VEK0ez6Rgkzmcc5jf9nlLdotb5FTmNTAVpKYxEwyts9ysw==
mgsensor.js
a.mgid.com/
15 KB
5 KB
Script
General
Full URL
https://a.mgid.com/mgsensor.js?d=1706043761362
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/Survey%20Rewards_files/fbcode1.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c5a22dd9019075ebe82b053243bda7bbadd0d5e57f67f11148c723f946bf14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
b06fd3ec-fe1a-479b-ab51-77ee1994a683
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
84a2faa7ecea4bd5-BUF
alt-svc
h3=":443"; ma=86400
cc25c7df-1e44-4f51-8ff1-8c175d6334c1.js
tr.snapchat.com/config/com/
174 B
454 B
Script
General
Full URL
https://tr.snapchat.com/config/com/cc25c7df-1e44-4f51-8ff1-8c175d6334c1.js?v=3.8.0-2401042024
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6f50c870249ec1a2cdbf74ddc672d47a14791bc07dde2f25d57c3d0acb103b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://hid.gcwinner.com/
Origin
https://hid.gcwinner.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://hid.gcwinner.com
x-envoy-upstream-service-time
37
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
i
tr.snapchat.com/cm/ Frame 0969
672 B
1 KB
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&u_scsid=9716a396-2158-45b1-a0f3-f6d46058b9ae&u_sclid=a08c29e1-39a9-44a1-b45d-d379da350c38
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://hid.gcwinner.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Tue, 23 Jan 2024 21:02:42 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
10
399694290689525
connect.facebook.net/signals/config/
51 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/399694290689525?v=2.9.142&r=stable&domain=hid.gcwinner.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0529423f13a5d792c5b14992afd45b52cf603f4ed2bcb0154225f851ec8578b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 21:02:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
TYnG1Ofomv3ZGaHk6i78hU9BRMuuzJwSRl0DAxICOHiAMqU3T66nqcNzmSyhW6n/qoUrifl39EHqauGj6CdNkA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
1x1.gif
a.mgid.com/
43 B
211 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fhid.gcwinner.com%2F&nv=1&clid=&d=1706043762092
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:02:42 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
84a2faa92f054bd5-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fhid.gcwinner.com%2F&rl=&if=false&ts=1706043762143&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=4126&fbp=fb.1.1706043762142.2109682316&ler=empty&it=1706043762022&coo=false&exp=d3&rqm=GET
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 21:02:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fhid.gcwinner.com%2F&rl=&if=false&ts=1706043762146&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=4126&fbp=fb.1.1706043762142.2109682316&ler=empty&it=1706043762022&coo=false&exp=d3&rqm=GET
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hid.gcwinner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 21:02:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
p
tr.snapchat.com/
0
96 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://hid.gcwinner.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 21:02:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
access-control-allow-origin
https://hid.gcwinner.com
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
scevent.min.js
sc-static.net/ Frame 0969
41 KB
18 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&u_scsid=9716a396-2158-45b1-a0f3-f6d46058b9ae&u_sclid=a08c29e1-39a9-44a1-b45d-d379da350c38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-245.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:48:42 GMT
content-encoding
gzip
via
1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
840
etag
dc4e3509882e40c68a170453af779220
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
17883
x-amz-cf-id
EiP3iXp0O1gY9xADN5oshh6PrTda8hwjUjMwZrTI_zpzLl1MLOBIGw==
v9e118mez8
event.trk-tempore.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hid.gcwinner.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84a2faab1a8c4bc0-BUF
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Tue, 23 Jan 2024 21:02:42 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bac9hCnVvrVuPdULAl7NHY%2Fec9CyHgRI%2FXRdBEQP56sWBnQNZa83ARGDoLG%2FSdDHynqpcu27qTUCRrEptuMQDwMoKrAfXUQNvT%2FHp7HclV8VptjuzsAGiXkqN3zoo%2B%2BuF3zB6nRnMHRA8SzYmFbmKDQpfD0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-tempore.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Requested by
Host: hid.gcwinner.com
URL: https://hid.gcwinner.com/Survey%20Rewards_files/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hid.gcwinner.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 23 Jan 2024 21:02:42 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Alxsw73OC%2FuL133QF9lZ%2BWYYTVQMJSmGoYZyV63oRv5kYyg4mmlfws392onfsE6QO1CGo8YxEriGUIMW%2BE6jmgrbqA562wbUrXnwt76TcDwQA09wb1Lf7tRkbEVoAOYRF2PUfJi%2FX%2BUUBVkocIAUTC%2FMmvE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84a2faab6b274bc0-BUF
x-pushplatformapp-params
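The OPTIONS request to event.trk-tempore.com above is a CORS preflight: the POST that follows sends Content-type: application/json, which is not a CORS-safelisted MIME type, so the browser first asks the server whether a POST with that header is permitted from https://hid.gcwinner.com. The server answers with access-control-allow-origin: * and access-control-allow-methods: POST, meaning any origin may post to this endpoint. The tr.snapchat.com config script earlier pins its answer to the one origin (with allow-credentials: true), and the www.facebook.com/tr/ pixel returns an empty access-control-allow-origin, which would fail a CORS-mode fetch but does not matter for an image loaded in no-cors mode. The code below replays those three decisions; it is an added example, not urlscan.io's or any of the trackers' code. The header sets are copied from the responses on this page, and the logic is this example's reading of the Fetch standard's CORS check and CORS-preflight check.

```python
"""Replay a browser's CORS decisions from headers recorded in a scan."""
# Added example, not urlscan.io's or any of the trackers' code. The three
# header sets are copied from responses listed on this page; the decision
# logic is this example's reading of the Fetch standard's "CORS check"
# and "CORS-preflight check".

SAFELISTED_METHODS = {"GET", "HEAD", "POST"}
SAFELISTED_HEADER_NAMES = {"accept", "accept-language", "content-language", "content-type"}
SAFELISTED_CONTENT_TYPES = {"application/x-www-form-urlencoded", "multipart/form-data", "text/plain"}

# From the page: Origin https://hid.gcwinner.com, Access-Control-Request-Method POST,
# Access-Control-Request-Headers content-type (the POST sends application/json).
PAGE_ORIGIN = "https://hid.gcwinner.com"
TRK_POST_HEADERS = {"Content-type": "application/json"}
TRK_PREFLIGHT_RESPONSE = {
    "access-control-allow-headers": "content-type",
    "access-control-allow-methods": "POST",
    "access-control-allow-origin": "*",
    "access-control-max-age": "1800",
}
SNAP_CONFIG_RESPONSE = {
    "access-control-allow-origin": "https://hid.gcwinner.com",
    "access-control-allow-credentials": "true",
}
FB_PIXEL_RESPONSE = {  # access-control-allow-origin is present but empty on the page
    "access-control-allow-origin": "",
    "access-control-allow-credentials": "true",
    "cross-origin-resource-policy": "cross-origin",
}


def _tokens(value):
    """Comma-separated header list -> lower-cased set of tokens."""
    return {t.strip().lower() for t in value.split(",") if t.strip()}


def unsafe_request_headers(headers):
    """Request header names that are not CORS-safelisted and therefore force a preflight."""
    unsafe = []
    for name, value in headers.items():
        lname = name.lower()
        if lname not in SAFELISTED_HEADER_NAMES:
            unsafe.append(lname)
        elif lname == "content-type":
            mime = value.split(";", 1)[0].strip().lower()
            if mime not in SAFELISTED_CONTENT_TYPES:
                unsafe.append(lname)  # application/json is not a "simple" MIME type
    return unsafe


def needs_preflight(method, headers):
    """True when the method or a header takes the request outside the no-preflight set."""
    return method.upper() not in SAFELISTED_METHODS or bool(unsafe_request_headers(headers))


def cors_check(origin, response, credentialed=False):
    """Does Access-Control-Allow-Origin (and -Credentials) admit this origin?"""
    resp = {k.lower(): v for k, v in response.items()}
    acao = resp.get("access-control-allow-origin")
    if not acao:
        return False, "Access-Control-Allow-Origin missing or empty"
    if acao == "*":
        if credentialed:
            return False, "'*' is never accepted for credentialed requests"
        return True, "'*' admits every origin"
    if acao != origin:
        return False, f"{acao!r} does not match {origin!r}"
    if credentialed and resp.get("access-control-allow-credentials", "").lower() != "true":
        return False, "credentialed request without Access-Control-Allow-Credentials: true"
    return True, f"origin pinned to {origin!r}"


def preflight_check(origin, method, headers, response, credentialed=False):
    """CORS check plus the method/header allow-lists a preflight response must satisfy."""
    ok, why = cors_check(origin, response, credentialed)
    if not ok:
        return False, why
    resp = {k.lower(): v for k, v in response.items()}
    methods = _tokens(resp.get("access-control-allow-methods", ""))
    names = _tokens(resp.get("access-control-allow-headers", ""))
    m = method.upper()
    if m.lower() not in methods and m not in SAFELISTED_METHODS and (credentialed or "*" not in methods):
        return False, f"method {m} not in Access-Control-Allow-Methods"
    for name in unsafe_request_headers(headers):
        if name == "authorization" and name not in names:
            return False, "Authorization is never covered by '*' in Access-Control-Allow-Headers"
        if name not in names and (credentialed or "*" not in names):
            return False, f"header {name} not in Access-Control-Allow-Headers"
    return True, why


if __name__ == "__main__":
    print("preflight needed:", needs_preflight("POST", TRK_POST_HEADERS))
    print("trk-tempore from page origin:", preflight_check(PAGE_ORIGIN, "POST", TRK_POST_HEADERS, TRK_PREFLIGHT_RESPONSE))
    print("trk-tempore from any origin:", preflight_check("https://other.example", "POST", TRK_POST_HEADERS, TRK_PREFLIGHT_RESPONSE))
    print("snapchat credentialed:", cors_check(PAGE_ORIGIN, SNAP_CONFIG_RESPONSE, credentialed=True))
    print("facebook pixel cors-mode:", cors_check(PAGE_ORIGIN, FB_PIXEL_RESPONSE))
```

The preflight response's vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers is what keeps Cloudflare from handing one origin's cached preflight answer to another; with a literal * it makes no difference, but it matters as soon as an endpoint starts echoing specific origins.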
p
tr.snapchat.com/cm/ Frame BDE2
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1706043762338&u_scsid=2de5f57f-4be3-4b65-b7e2-208df46efbd0&u_sclid=a8806405-9269-4f42-b397-24ab3ce1374c
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706036338143%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706036338143%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140&pcid=1745834f-846b-4069-8dc5-38ef5e278b16
0
19 B
Document
General
Full URL
https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140&pcid=1745834f-846b-4069-8dc5-38ef5e278b16
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 21:02:42 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
14

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 23 Jan 2024 21:02:42 GMT
location
https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140&pcid=1745834f-846b-4069-8dc5-38ef5e278b16
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
p
tr6.snapchat.com/
0
46 B
Ping
General
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://hid.gcwinner.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 21:02:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google, 1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
tr.snapchat.com/
0
16 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://hid.gcwinner.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 21:02:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
access-control-allow-origin
https://hid.gcwinner.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| months
object| days
object| time
object| d
string| dateNow
undefined| c1
function| socle
function| $
function| jQuery
function| change
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| fbq
function| _fbq
function| snaptr
object| r
object| MgSensorData
function| startTimer
function| hidpopu
function| exit5minslayer
function| closeexitlayer
function| nextQuestion
function| drawszlider
function| startLoad
function| selectReward
function| showModal
object| comments
number| slidewhere
number| holvanszlider
object| MgSensor
function| MgSensorInvoke
function| MgSensorInvoke0
object| _mgq
function| _mgqp
number| _mgqt
number| _mgqi
object| _mgr
object| _mghl
object| _scPxHelper

13 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: dc4e3509882e40c68a170453af779220
.mgid.com/ Name: __cf_bm
Value: H1BQH7xMVy1fhv9F3HU_v9ZT2_CRaXI2DuakF1U8qh0-1706043761-1-AfgR3IdpWcCEXMW4DPH78z+i/on/NBael8Cm7i5jUAvsXnxTc2Icv4AN0g0Lm1MV9bzbJlsfiX2pcfPd2XgIXeM=
.gcwinner.com/ Name: _scid
Value: f18c51c7-d5c6-468d-b948-0e4970359d02
.gcwinner.com/ Name: _scid_r
Value: f18c51c7-d5c6-468d-b948-0e4970359d02
.hid.gcwinner.com/ Name: MgidSensorNVis
Value: 1
.hid.gcwinner.com/ Name: MgidSensorHref
Value: https://hid.gcwinner.com/
.gcwinner.com/ Name: _fbp
Value: fb.1.1706043762142.2109682316
.mgid.com/ Name: muidn
Value: o0nGmqCmHW2d
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwQ3AMAgDwImQ7IBA7TZxEVNk+Hx7r/Md2VKbxmURlD1Emq9d4jcc9mHgZSERXrnOr7i0bNARQAAAAA==
.tapad.com/ Name: TapAd_TS
Value: 1706043762493
.tapad.com/ Name: TapAd_DID
Value: 1745834f-846b-4069-8dc5-38ef5e278b16
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.gcwinner.com/ Name: _sctr
Value: 1%7C1706004000000
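Two of the identifiers in the Cookies table above reappear inside request URLs elsewhere on this page: the TapAd_DID cookie value is the pcid that tr.snapchat.com receives at the end of the Redirect Chain (pixel.tapad.com substitutes it for the ${TA_DEVICE_ID} macro in partner_url), and the first-party _fbp cookie is the fbp parameter sent to www.facebook.com/tr/. The script below automates that cross-reference; it is an added example, not urlscan.io's code. The cookies and URLs are copied from this page (a subset, enough to show both matches and one non-match), and the matching rule is this example's own.

```python
"""Cross-reference cookie values against request URLs recorded in a scan."""
# Added example, not urlscan.io's code. COOKIES and URLS are copied from the
# Cookies table and the Full URL / Redirect Chain entries on this page; the
# matching and macro rules are this example's own.
import re
from urllib.parse import parse_qsl, urlsplit

COOKIES = [  # (cookie domain, name, value)
    (".tapad.com", "TapAd_DID", "1745834f-846b-4069-8dc5-38ef5e278b16"),
    (".gcwinner.com", "_fbp", "fb.1.1706043762142.2109682316"),
    (".gcwinner.com", "_scid", "f18c51c7-d5c6-468d-b948-0e4970359d02"),
    (".hid.gcwinner.com", "MgidSensorNVis", "1"),
]

URLS = [
    "https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1"
    "&u_scsid=9716a396-2158-45b1-a0f3-f6d46058b9ae&u_sclid=a08c29e1-39a9-44a1-b45d-d379da350c38",
    "https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fhid.gcwinner.com%2F"
    "&rl=&if=false&ts=1706043762143&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=4126"
    "&fbp=fb.1.1706043762142.2109682316&ler=empty&it=1706043762022&coo=false&exp=d3&rqm=GET",
    "https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com"
    "%2Fcm%2Fp%3Frand%3D1706036338143%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D",
    "https://tr.snapchat.com/cm/p?rand=1706036338143&pnid=140&pcid=1745834f-846b-4069-8dc5-38ef5e278b16",
]

MACRO = re.compile(r"\$\{[A-Za-z0-9_]+\}")  # ${NAME} placeholders a sync partner fills in


def query_params(url):
    """(host, [(key, value)]) with percent-decoding applied, so nested URLs and macros are readable."""
    parts = urlsplit(url)
    return parts.hostname, parse_qsl(parts.query, keep_blank_values=True)


def _same_party(host, cookie_domain):
    domain = cookie_domain.lstrip(".")
    return host == domain or host.endswith("." + domain)


def find_shared_identifiers(cookies, urls, min_len=12):
    """(cookie name, host, query key, cross_party) for every cookie value found in a request URL.

    Short values such as counters and booleans are skipped to avoid
    coincidental matches; cross_party marks a value leaving the domain that set it.
    """
    hits = []
    for domain, name, value in cookies:
        if len(value) < min_len:
            continue
        for url in urls:
            host, params = query_params(url)
            for key, param_value in params:
                if param_value == value:
                    hits.append((name, host, key, not _same_party(host, domain)))
    return hits


def find_macros(urls):
    """(host, query key, macro) for unresolved ${...} placeholders inside query values."""
    found = []
    for url in urls:
        host, params = query_params(url)
        for key, value in params:
            for macro in MACRO.findall(value):
                found.append((host, key, macro))
    return found


if __name__ == "__main__":
    for hit in find_shared_identifiers(COOKIES, URLS):
        print("cookie %s sent to %s as %s (cross-party: %s)" % hit)
    for host, key, macro in find_macros(URLS):
        print(f"unresolved macro {macro} in {key} at {host}")
```

The cookie-sync chain is the part worth reading closely: pixel.tapad.com receives a partner_url template, replaces ${TA_DEVICE_ID} with its own device identifier (the value it also stores in the TapAd_DID cookie), and redirects the browser back to tr.snapchat.com with that identifier as pcid, so the two trackers can join their records for this browser. The SHA-256 value e3b0c442...b855 recorded as the Resource Hash for the zero-length responses above is simply the hash of empty input, consistent with their content-length: 0.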

1 Console Messages

Source: network
Level: error
Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
connect.facebook.net
event.trk-tempore.com
hid.gcwinner.com
pixel.tapad.com
sc-static.net
tr.snapchat.com
tr6.snapchat.com
trk-tempore.com
www.facebook.com
162.0.235.221
2606:4700:1::6813:854c
2606:4700:3030::ac43:d1bf
2606:4700:3034::6815:22dd
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
34.111.113.62
35.190.43.134
54.230.48.245