urlscan.io logo urlscan.io
SecurityTrails logo

gleam.io Open in urlscan Pro
172.66.40.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sweepsdb.com/go/4844496
Effective URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Submission: On December 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 172.66.40.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is gleam.io. The Cisco Umbrella rank of the primary domain is 55413.
TLS certificate: Issued by GTS CA 1P5 on November 21st 2023. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.225.221.199 29802 (HVC-AS)
3 12 172.66.40.77 13335 (CLOUDFLAR...)
2 104.18.20.100 13335 (CLOUDFLAR...)
2 104.18.30.181 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
31 10
2    104.225.221.199 (Dallas, United States)

ASN29802 (HVC-AS, US)
PTR: svr.checkrepost.com
sweepsdb.com
swps.me
12    172.66.40.77 (United States)

ASN13335 (CLOUDFLARENET, US)
gleam.io
js.gleam.io
2    104.18.20.100 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.fraudjs.io
2    104.18.30.181 (None, )

ASN13335 (CLOUDFLARENET, US)
widget.gleamjs.io
10    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
ka-p.fontawesome.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1544
ka-p.fontawesome.com — Cisco Umbrella Rank: 3304
310 KB
12 gleam.io
gleam.io — Cisco Umbrella Rank: 55413
js.gleam.io — Cisco Umbrella Rank: 63057
396 KB
2 gstatic.com
fonts.gstatic.com
80 KB
2 gleamjs.io
widget.gleamjs.io — Cisco Umbrella Rank: 81337
364 KB
2 fraudjs.io
cdn.fraudjs.io — Cisco Umbrella Rank: 202436
41 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 swps.me
swps.me
476 B
1 sweepsdb.com
sweepsdb.com
535 B
31 9
Domain Requested by
12 ka-p.fontawesome.com kit.fontawesome.com
ka-p.fontawesome.com
10 gleam.io 3 redirects swps.me
gleam.io
widget.gleamjs.io
static.cloudflareinsights.com
2 fonts.gstatic.com fonts.googleapis.com
2 js.gleam.io gleam.io
2 widget.gleamjs.io gleam.io
2 cdn.fraudjs.io gleam.io
1 static.cloudflareinsights.com gleam.io
1 fonts.googleapis.com gleam.io
1 kit.fontawesome.com gleam.io
1 swps.me
1 sweepsdb.com 1 redirects
31 11

This site contains links to these domains. Also see Links.

Domain
rog.asus.com
twitter.com
Subject Issuer Validity Valid
www.swps.me
R3		 2023-11-05 -
2024-02-03		 3 months crt.sh
gleam.io
GTS CA 1P5		 2023-11-21 -
2024-02-19		 3 months crt.sh
widget.gleamjs.io
E1		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.fraudjs.io
E1		 2023-11-22 -
2024-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Frame ID: 6335F7B3CFE4FAC39FDD8A77FC1084BA
Requests: 31 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: BD090FFE63EB4F176C1854983A6BC22A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Demon1 x ASUS Mouse Giveaway

Page URL History Show full URLs

  1. https://sweepsdb.com/go/4844496 HTTP 302
    https://swps.me/71jbf Page URL
  2. https://gleam.io/V4FsN/SweepsDB HTTP 301
    https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

94 %
HTTPS

56 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

1198 kB
Transfer

4059 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sweepsdb.com/go/4844496 HTTP 302
    https://swps.me/71jbf Page URL
  2. https://gleam.io/V4FsN/SweepsDB HTTP 301
    https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://sweepsdb.com/go/4844496 HTTP 302
  • https://swps.me/71jbf
Request Chain 3
  • https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js HTTP 301
  • https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Request Chain 16
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
71jbf
swps.me/
Redirect Chain
  • https://sweepsdb.com/go/4844496
  • https://swps.me/71jbf
210 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://swps.me/71jbf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.225.221.199 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
svr.checkrepost.com
Software
CentOS WebPanel: Protected by Mod Security / PHP/7.2.10
Resource Hash
7d91a14612fbb512e35a37417a45d90691eca29e4ca424e77f60c0496a70c080

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
167
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 15:24:57 GMT
Keep-Alive
timeout=5, max=100
Server
CentOS WebPanel: Protected by Mod Security
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.2.10

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 15:24:56 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://swps.me/71jbf
Pragma
no-cache
Referer
https://sweepsdb.com/c/4844496
Server
CentOS WebPanel: Protected by Mod Security
Transfer-Encoding
chunked
Vary
User-Agent
X-Robots-Tag
noindex, noarchive
Primary Request demon1-x-asus-mouse-giveaway
gleam.io/V4FsN/
Redirect Chain
  • https://gleam.io/V4FsN/SweepsDB
  • https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
108 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Requested by
Host: swps.me
URL: https://swps.me/71jbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac477367fdc849564aab7294b2dea3eb878fcd1c1311b9c2f84653d7996e3877
Security Headers
Name Value
Content-Security-Policy object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swps.me/71jbf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
BYPASS
cf-ray
83a19d527fd471dc-FRA
content-encoding
br
content-security-policy
object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 15:24:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
g-host
meepo19
link
<https://gleam.io/assets/widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js>; rel=preload; as=script; nopush
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
f63e6bd9-8e01-4c8b-a651-0b5f25d9ef47
x-robots-tag
noindex, nofollow
x-runtime
0.035116
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
BYPASS
cf-ray
83a19d4de9e871dc-FRA
content-security-policy
object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 15:24:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
g-host
meepo15
location
https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
d46586ba-abb8-48ae-b174-48660473a499
x-robots-tag
noindex, nofollow
x-runtime
0.028784
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css
gleam.io/assets/ 		252 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gleam.io/assets/widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f073d86a11f1a20fed54a8b1f20589da53e76ae02d3c8c6a7fb7b3a9395797
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
175954
g-host
meepo16
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 14:26:51 GMT
server
cloudflare
etag
W/"65844b2b-3f0f5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000
cf-ray
83a19d546d1071a9-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js
gleam.io/assets/ 		1 MB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gleam.io/assets/w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26c98ed73960582f302d7a3fef900d0fe99d9e231c051f0dd550b4e781094a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
459802
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Dec 2023 15:08:46 GMT
server
cloudflare
etag
W/"657c6bfe-11fd5e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000, public
cf-ray
83a19d546d1371a9-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
cdn.fraudjs.io/assets/
Redirect Chain
  • https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
  • https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Server
104.18.20.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 09:41:20 GMT
server
cloudflare
age
4540464
etag
W/"64a7ddc0-debd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
83a19d553a883624-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 23 Dec 2023 15:24:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=3600
cf-ray
83a19d546d1571a9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 23 Dec 2023 16:24:58 GMT
w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js
widget.gleamjs.io/assets/ 		1 MB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.gleamjs.io/assets/w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26c98ed73960582f302d7a3fef900d0fe99d9e231c051f0dd550b4e781094a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Dec 2023 15:08:55 GMT
server
cloudflare
age
691863
etag
W/"657c6c07-11fd5e"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
83a19d54cd860410-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css
widget.gleamjs.io/assets/ 		252 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.gleamjs.io/assets/widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f073d86a11f1a20fed54a8b1f20589da53e76ae02d3c8c6a7fb7b3a9395797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 14:26:54 GMT
server
cloudflare
age
175974
etag
W/"65844b2e-3f0f5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
g-host
meepo19
cf-ray
83a19d54cd850410-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
b36c7d9009.css
kit.fontawesome.com/ 		298 B
521 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b36c7d9009.css
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab7fc5fed1a0791df16c9474e45cdc7905052bc59fb787ca0ce21f1d27e841e

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
126
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=300, public, stale-while-revalidate=30
cf-ray
83a19d54d81b3611-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5yFATOqdoAalrAAWJTC
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5acdd4d5943a99f42f3699e815d92c0131fd8f3165f6c3f98008892a140df9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Dec 2023 15:24:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 15:08:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Dec 2023 15:24:58 GMT
fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
cdn.fraudjs.io/assets/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 09:41:20 GMT
server
cloudflare
age
4540464
etag
W/"64a7ddc0-debd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
83a19d559b293624-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-952cf14d8576b83cc6a04d1d4a3c9640d17f2299707057fa44b6b43e72dbc850.svg
js.gleam.io/assets/ 		908 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.gleam.io/assets/logo-952cf14d8576b83cc6a04d1d4a3c9640d17f2299707057fa44b6b43e72dbc850.svg
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0861a617bdc9458084d4bd5820935ca2d4a8c718f0f06b00f24e14d2a3f362b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
459776
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Apr 2023 16:08:20 GMT
server
cloudflare
etag
W/"64343474-38c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000, public
cf-ray
83a19d547a6171dc-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
js.gleam.io/images/ 		731 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.gleam.io/images/logo.svg
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 14:20:31 GMT
server
cloudflare
age
4824
etag
W/"658449af-2db"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
g-host
meepo21
cf-ray
83a19d547a5e71dc-FRA
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83a19d5609202bf5-FRA
pro.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 		669 KB
117 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
age
1964201
etag
"6568c5a0-1d52d"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d555b4e9bfe-FRA
content-length
120109
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
age
1964201
etag
"6568c5a0-1c12"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d555b4b9bfe-FRA
content-length
7186
custom-icons.css
ka-p.fontawesome.com/assets/b36c7d9009/76134786/ 		11 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/assets/b36c7d9009/76134786/custom-icons.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6eb887ef75997530beba607aad5bce7fe48191bdb9118bbe4860f66f6fdcfd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 13:39:32 GMT
server
cloudflare
age
2025647
etag
W/"5594bccdf85768b4dcee3ff5a6c3c3cb"
x-cache-status
MISS
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
83a19d555b4f9bfe-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:01:29 GMT
x-content-type-options
nosniff
age
206610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 06:01:29 GMT
main.js
gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame BD09
Redirect Chain
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Requested by
Host: gleam.io
URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Protocol
H3
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5768f51834a9df468a0769c2bd812984b402c22eaed48b60371d6221db3e81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
83a19d5769b371a9-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control
max-age=300, public
cf-ray
83a19d56784271a9-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		99 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c15eda02cf6ba7e0d5395be0711db12448713af34cff495ce568289afdb730

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:38 GMT
server
cloudflare
age
1964034
etag
"6568cc22-36d0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d56baf63611-FRA
content-length
14032
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca4dbd73acdbca407bee1704d3a11d396de341d74dbc08bb028b36b7626ea4d

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:38 GMT
server
cloudflare
age
1964034
etag
"6568cc22-2ee0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d56aaf13611-FRA
content-length
12000
pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:32 GMT
server
cloudflare
age
1964034
etag
"6568cc1c-3904"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d56aaf43611-FRA
content-length
14596
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:34:04 GMT
x-content-type-options
nosniff
age
424255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:34:04 GMT
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:38 GMT
server
cloudflare
age
1964034
etag
"6568cc22-35f8"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d56bafb3611-FRA
content-length
13816
pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-17.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:38 GMT
server
cloudflare
age
1964030
etag
"6568cc22-426c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d56baff3611-FRA
content-length
17004
checkbox.png
gleam.io/images/ 		368 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gleam.io/images/checkbox.png
Requested by
Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.gleamjs.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
459752
cf-polished
origFmt=png, origSize=655
content-disposition
inline; filename="checkbox.webp"
g-host
meepo17
alt-svc
h3=":443"; ma=86400
content-length
368
cf-bgj
imgq:85,h2pri
last-modified
Mon, 18 Dec 2023 07:26:34 GMT
server
cloudflare
etag
"657ff42a-28f"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
83a19d57195071a9-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:28 GMT
server
cloudflare
age
1964034
etag
"6568cc18-9620"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d572b8b3611-FRA
content-length
38432
pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:28 GMT
server
cloudflare
age
1940546
etag
"6568cc18-9cfc"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d572b903611-FRA
content-length
40188
pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b2fbe94e9e99d462599f0e33e736c447a01254280f3840568df3f0d40e0c429

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:32 GMT
server
cloudflare
age
1930380
etag
"6568cc1c-423c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d572b943611-FRA
content-length
16956
pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-14.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bb91ef2b6189fe3bb3bcbfd35f127e49b588e629ec86a9e9265462c3bd9e55

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:53:38 GMT
server
cloudflare
age
1964033
etag
"6568cc22-3408"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
83a19d572b963611-FRA
content-length
13320
rum
gleam.io/cdn-cgi/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gleam.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://gleam.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83a19d578a0d71a9-FRA
83a19d527fd471dc
gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame BD09 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/83a19d527fd471dc
Requested by
Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Dec 2023 15:24:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
83a19d580ad571a9-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| fallbackToHostedFontAwesome string| campaignKeyOverride string| actionMarketingAppName function| escapeStringRegexp function| tagToHashtagRegExp function| Cookies function| _getGSAP function| CSSPlugin object| cssCore function| _removeLinkedListItem function| _removeProperty function| PropTween function| _getAllStyles function| ClassNamePlugin object| LocalStorage string| TALKER_TYPE string| TALKER_ERR_TIMEOUT function| objectCreate function| defer function| Talker function| jqueryLikeOn function| withParam function| addExpid function| $ function| jQuery function| jsmd5 object| fraudService function| ClipboardJS function| elementResizeDetectorMaker object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| simulateEvent function| trackEvent function| trackPageview function| moment object| angular object| Gleam object| ifvisible object| linkify string| pageType string| pageViewOverride object| FingerprintJS function| gleamFraudCalculator object| messageBundle object| conversionTracking undefined| configPayload object| __cfBeacon

10 Cookies

Domain/Path Name / Value
sweepsdb.com/ Name: PHPSESSID
Value: 99dda19ce571fee354b808bf2575fc85
gleam.io/ Name: PP-V4FsN
Value: *
gleam.io/ Name: owner_token
Value: ycIAJiHLOW1r3KW1DBvnrA
gleam.io/ Name: RL-V4FsN
Value: https%3A%2F%2Fgleam.io%2FV4FsN%2FSweepsDB
gleam.io/ Name: _gfpc
Value: t
.gleam.io/ Name: __cf_bm
Value: BcVllxPsUL_QIm8arPXXRiGxvHgv9MLkhpNQPRBFXNg-1703345098-1-AaP/pdTouBPLx6t1WLq3EuPSZrGxHDYGtUsHxu3ymYDwrXOAmuThl8sh9IFMtPn9pEPuE0TpZY3elQHKmaC8h1U=
gleam.io/ Name: XSRF-TOKEN
Value: HpLpT6VHuIFvkfHVsukwAlyySkZ5ZZL8EikAbz7aoZ5nqI5IGptX8H8dCW2bxlNcy_EzVAl7xH97FfjuNqcRAw
gleam.io/ Name: _app_session
Value: pJQQ2Ao9JNmSKh448LFPPzDh40wEFC0UYwars0lwyK1wRSXm%2B6XY8ePBTIYpMbA0vA4q85D7f4FLiTw%2F93ac3QvUf6zYi9%2FpRsmZ%2F8F69nmMgP9tTdZNWG12HBs7ypIjNWiRaVT1WejuRopk64aZI9CxvBUryz8gXQbuhlJdRWwrPiVs0OHdHMnotoo%2FagtZjp0PZrZt6dO7I1FzTYMHsB%2BbjKrgKrrhQhDKdn21AqENOUjcpUzP7j3RnvPbs5lYpE13D4vNRjoLl8TgyU2grgtCJxQ5hmLILE6mZ6VIhd90r0anrgiTYIk2--FUgT57ze%2B5EcGrxd--2haPi%2B8K3qJ97HJ6AdGNig%3D%3D
gleam.io/ Name: fpr
Value: a1d1013f00246a1cb650cd9bce0cc3a0.7e245843fbbf084865bc1359cfb18cce
.gleam.io/ Name: cf_clearance
Value: DOR9oFWN.c4uvsa4TbjFGFqEJKQ0DFpGGphaLAhVLxA-1703345099-0-2-75778e0d.65cac438.b55e2d27-0.2.1703345099

3 Console Messages

Source Level URL
Text
javascript warning URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Message:
The resource https://gleam.io/assets/w-100cf1ff468036a68e8b92d1bd3e52f5040f295a862702fda21b8bf4db4a8913.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Message:
The resource https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gleam.io/V4FsN/demon1-x-asus-mouse-giveaway
Message:
The resource https://gleam.io/assets/widget-classic-0b415eb0416e4fcaee2b782765a6932f835775a96433f506c4807f176534c67a.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fraudjs.io
fonts.googleapis.com
fonts.gstatic.com
gleam.io
js.gleam.io
ka-p.fontawesome.com
kit.fontawesome.com
static.cloudflareinsights.com
sweepsdb.com
swps.me
widget.gleamjs.io
104.18.20.100
104.18.30.181
104.225.221.199
172.66.40.77
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700::6810:3965
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
56c15eda02cf6ba7e0d5395be0711db12448713af34cff495ce568289afdb730
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
7d91a14612fbb512e35a37417a45d90691eca29e4ca424e77f60c0496a70c080
8b2fbe94e9e99d462599f0e33e736c447a01254280f3840568df3f0d40e0c429
a0861a617bdc9458084d4bd5820935ca2d4a8c718f0f06b00f24e14d2a3f362b
ac477367fdc849564aab7294b2dea3eb878fcd1c1311b9c2f84653d7996e3877
aca4dbd73acdbca407bee1704d3a11d396de341d74dbc08bb028b36b7626ea4d
ae5768f51834a9df468a0769c2bd812984b402c22eaed48b60371d6221db3e81
b5acdd4d5943a99f42f3699e815d92c0131fd8f3165f6c3f98008892a140df9e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c26c98ed73960582f302d7a3fef900d0fe99d9e231c051f0dd550b4e781094a9
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c3f073d86a11f1a20fed54a8b1f20589da53e76ae02d3c8c6a7fb7b3a9395797
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb91ef2b6189fe3bb3bcbfd35f127e49b588e629ec86a9e9265462c3bd9e55
e6eb887ef75997530beba607aad5bce7fe48191bdb9118bbe4860f66f6fdcfd1
fab7fc5fed1a0791df16c9474e45cdc7905052bc59fb787ca0ce21f1d27e841e