Submitted URL: https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt
Effective URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Submission: On September 05 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 36 HTTP transactions. The main IP is 172.66.40.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is gleam.io. The Cisco Umbrella rank of the primary domain is 61545.
TLS certificate: Issued by GTS CA 1P5 on July 26th 2023. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.160.67.231 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 23.21.227.31 14618 (AMAZON-AES)
3 11 172.66.40.77 13335 (CLOUDFLAR...)
2 104.18.21.100 13335 (CLOUDFLAR...)
2 104.18.31.181 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f03... 32934 (FACEBOOK)
1 104.18.9.67 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:67c:4e8:... 62041 (TELEGRAM)
1 2a03:2880:f13... 32934 (FACEBOOK)
36 15
Apex Domain
Subdomains
Transfer
13 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1576
ka-p.fontawesome.com — Cisco Umbrella Rank: 3410
307 KB
11 gleam.io
gleam.io — Cisco Umbrella Rank: 61545
js.gleam.io — Cisco Umbrella Rank: 74928
402 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
88 KB
2 gleamjs.io
widget.gleamjs.io — Cisco Umbrella Rank: 133880
365 KB
2 fraudjs.io
cdn.fraudjs.io — Cisco Umbrella Rank: 220913
41 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 368
fonts.googleapis.com — Cisco Umbrella Rank: 41
35 KB
2 repl.co
track-location-6.mrwh908h.repl.co
8 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
1 telegram.org
telegram.org — Cisco Umbrella Rank: 11246
6 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 out.sh
user-assets.out.sh — Cisco Umbrella Rank: 188054
111 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3510
160 KB
1 wn.nr
wn.nr — Cisco Umbrella Rank: 876635
344 B
36 13
Domain Requested by
12 ka-p.fontawesome.com kit.fontawesome.com
ka-p.fontawesome.com
9 gleam.io 3 redirects track-location-6.mrwh908h.repl.co
gleam.io
widget.gleamjs.io
2 connect.facebook.net gleam.io
connect.facebook.net
2 js.gleam.io gleam.io
2 widget.gleamjs.io gleam.io
2 cdn.fraudjs.io gleam.io
2 track-location-6.mrwh908h.repl.co ajax.googleapis.com
1 www.facebook.com connect.facebook.net
1 telegram.org gleam.io
1 fonts.gstatic.com fonts.googleapis.com
1 user-assets.out.sh gleam.io
1 platform.linkedin.com gleam.io
1 fonts.googleapis.com gleam.io
1 kit.fontawesome.com gleam.io
1 wn.nr 1 redirects
1 ajax.googleapis.com track-location-6.mrwh908h.repl.co
36 16

This site contains links to these domains.

Domain
t.me
twitter.com
virtualversions.xyz
Subject                  Issuer                                      Validity                 Valid
mrwh908h.repl.co         R3                                          2023-08-27 - 2023-11-25  3 months
upload.video.google.com  GTS CA 1C3                                  2023-08-14 - 2023-11-06  3 months
gleam.io                 GTS CA 1P5                                  2023-07-26 - 2023-10-24  3 months
widget.gleamjs.io        E1                                          2023-07-28 - 2023-10-26  3 months
*.fontawesome.com        DigiCert TLS RSA SHA256 2020 CA1            2022-11-22 - 2023-12-23  a year
cdn.fraudjs.io           E1                                          2023-07-27 - 2023-10-25  3 months
platform.linkedin.com    DigiCert SHA2 Secure Server CA              2023-05-17 - 2024-05-16  a year
*.facebook.com           DigiCert SHA2 High Assurance Server CA      2023-06-15 - 2023-09-13  3 months
out.sh                   E1                                          2023-07-26 - 2023-10-24  3 months
*.gstatic.com            GTS CA 1C3                                  2023-08-14 - 2023-11-06  3 months
*.telegram.org           Go Daddy Secure Certificate Authority - G2  2023-08-11 - 2024-09-11  a year

This page contains 2 frames:

Primary Page: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Frame ID: 01C946F7D90BE96C7950C105FF3F8848
Requests: 35 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: 02FDD3B41ED502A9863C81D0717CF878
Requests: 2 HTTP requests in this frame

Page Title

Virtual Versions x Work X Giveaway!

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 94 %
IPv6: 60 %
Domains: 13
Subdomains: 16
IPs: 15
Countries: 5
Transfer: 1569 kB
Size: 5083 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt Page URL
  2. https://wn.nr/ErAjT2m HTTP 301
    https://gleam.io/jAZ7W-KOjgsKS5IU HTTP 301
    https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js HTTP 301
  • https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Request Chain 18
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aHR0cHM6Ly93bi5uci9FckFqVDJt
track-location-6.mrwh908h.repl.co/c/2h4memo/
8 KB
8 KB
Document
General
Full URL
https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.67.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a08f7184eda6237f617b9ea3f39df8102e13c378d03fc738d1d211e51c6f815f
Security Headers
Name Value
Strict-Transport-Security max-age=6986848; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
8171
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 18:10:49 GMT
etag
W/"1feb-sji7uITxEk5vTiJvyHxS//atkFs"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster
asia-b
strict-transport-security
max-age=6986848; includeSubDomains
x-powered-by
Express
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.2/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
Requested by
Host: track-location-6.mrwh908h.repl.co
URL: https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track-location-6.mrwh908h.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34009
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 14:46:03 GMT
/
track-location-6.mrwh908h.repl.co/
4 B
63 B
XHR
General
Full URL
https://track-location-6.mrwh908h.repl.co/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.67.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=6986848; includeSubDomains

Request headers

Accept
*/*
Referer
https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 05 Sep 2023 18:10:49 GMT
strict-transport-security
max-age=6986848; includeSubDomains
etag
W/"4-6bRQ0UvCNj0pLITxfPrVz71YpFg"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
x-powered-by
Express
content-type
text/html; charset=utf-8
access-control-allow-origin
*
replit-cluster
asia-b
content-length
4
Primary Request virtual-versions-x-work-x-giveaway
gleam.io/jAZ7W/
Redirect Chain
  • https://wn.nr/ErAjT2m
  • https://gleam.io/jAZ7W-KOjgsKS5IU
  • https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
126 KB
29 KB
Document
General
Full URL
https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Requested by
Host: track-location-6.mrwh908h.repl.co
URL: https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea06ca1d6ed2fa914850a7c9b7bc2ce620794b3c3d0f037908c6e98620227983
Security Headers
Name Value
Content-Security-Policy object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://track-location-6.mrwh908h.repl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
BYPASS
cf-ray
80206e6b8cd990d4-FRA
content-encoding
br
content-security-policy
object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 18:10:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
g-host
meepo15
link
<https://gleam.io/assets/widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-15ae8e37e076a0f1fe973f76d5d7bab95439f4b6efa280d4331741d835227b4b.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-15ae8e37e076a0f1fe973f76d5d7bab95439f4b6efa280d4331741d835227b4b.js>; rel=preload; as=script; nopush
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
f45f34a0-76de-4c25-bec9-c61a6ace31a3
x-robots-tag
noindex, nofollow
x-runtime
0.050155
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
BYPASS
cf-ray
80206e69ba2a90d4-FRA
content-security-policy
frame-ancestors 'self'; object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 18:10:50 GMT
g-host
meepo15
location
https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
82cd19c4-3dd0-4757-8244-95a73e119008
x-robots-tag
googlebot: nofollow noindex
x-runtime
0.019191
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css
gleam.io/assets/
266 KB
53 KB
Stylesheet
General
Full URL
https://gleam.io/assets/widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67156b6c4fff9bc234ab8c990bc9c9614b1b763fc0db0d1215b219ae35274568
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
149216
g-host
meepo15
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 00:11:47 GMT
server
cloudflare
etag
W/"64f520c3-4288d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000
cf-ray
80206e6d5b662c49-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
w-15ae8e37e076a0f1fe973f76d5d7bab95439f4b6efa280d4331741d835227b4b.js
gleam.io/assets/
1 MB
312 KB
Script
General
Full URL
https://gleam.io/assets/w-15ae8e37e076a0f1fe973f76d5d7bab95439f4b6efa280d4331741d835227b4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13fb041dc391bf97f69e1760eac9b3cf01e79ef65088bd8e22c0219811f23ef3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
150657
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 00:11:53 GMT
server
cloudflare
etag
W/"64f520c9-11f275"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000, public
cf-ray
80206e6d5b682c49-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
cdn.fraudjs.io/assets/
Redirect Chain
  • https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
  • https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
56 KB
20 KB
Script
General
Full URL
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Server
104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 09:41:24 GMT
server
cloudflare
age
5214303
etag
W/"64a7ddc4-debd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
80206e6e2b71bbbc-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=3600
cf-ray
80206e6d5b6b2c49-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Sep 2023 19:10:51 GMT
w-15ae8e37e076a0f1fe973f76d5d7bab95439f4b6efa280d4331741d835227b4b.js
widget.gleamjs.io/assets/
1 MB
312 KB
Script
General
Full URL
https://widget.gleamjs.io/assets/w-15ae8e37e076a0f1fe973f76d5d7bab95439f4b6efa280d4331741d835227b4b.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13fb041dc391bf97f69e1760eac9b3cf01e79ef65088bd8e22c0219811f23ef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 00:11:50 GMT
server
cloudflare
age
150794
etag
W/"64f520c6-11f275"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
80206e6dde692c2e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css
widget.gleamjs.io/assets/
266 KB
53 KB
Stylesheet
General
Full URL
https://widget.gleamjs.io/assets/widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67156b6c4fff9bc234ab8c990bc9c9614b1b763fc0db0d1215b219ae35274568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 00:11:56 GMT
server
cloudflare
age
149328
etag
W/"64f520cc-4288d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
g-host
meepo21
cf-ray
80206e6dde672c2e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
b36c7d9009.css
kit.fontawesome.com/
195 B
501 B
Stylesheet
General
Full URL
https://kit.fontawesome.com/b36c7d9009.css
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10406a51a40246d0f785ed9e3f2d7f92bbf17ab07407fec8649afbad4c06d106

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
295
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=300, public, stale-while-revalidate=30
cf-ray
80206e6d9aa61976-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F3ep9RR88IWmbRIADJhj
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Lato:400,600,900|Inter:400,500&display=swap
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12b645bd3d69756d84bf21c59d4aa7ef9e5c2acd8ef4f4c1ba5a28f80b3521ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 18:10:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 18:10:51 GMT
fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
cdn.fraudjs.io/assets/
56 KB
20 KB
Script
General
Full URL
https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 09:41:24 GMT
server
cloudflare
age
5214303
etag
W/"64a7ddc4-debd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
80206e6f5d60bbbc-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
js.gleam.io/images/
731 B
547 B
Image
General
Full URL
https://js.gleam.io/images/logo.svg
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 15:45:02 GMT
server
cloudflare
age
2244
etag
W/"64f74cfe-2db"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
g-host
meepo14
cf-ray
80206e6fea9f90d4-FRA
alt-svc
h3=":443"; ma=86400
in.js
platform.linkedin.com/
510 KB
160 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
ffaf29f879d07e6eabf1c15bba8c3b72f6a821f615f2da67d0c24b267feeab8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
544
date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cdn-client-ip-version
IPV6
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
content-length
163639
x-li-uuid
AAYEoA/L4QZHeiS/aF8G5A==
server
Play
x-li-pop
prod-ltx1-x
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-ltx1
cache-control
public, max-age=3600
x-li-proto
http/1.1
expires
Tue, 5 Sep 2023 18:36:06 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.4.2/css/
653 KB
110 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:07:57 GMT
server
cloudflare
age
2941954
etag
W/"61dfb335f6a8fe22e435d175f39c315a"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
cf-ray
80206e6ebda23610-FRA
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.2/css/
54 KB
7 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v5-font-face.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
age
2941954
etag
W/"36b5a5e9989c4ffc46d29ee5decf9b15"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
cf-ray
80206e6ebda43610-FRA
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ca94c7c937f2d6751434b0c51ea45c868129d5a6b8d2d9ea7bea8d3cb146275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 18:10:51 GMT
content-md5
6LJiGjj9e2PalLP+uH9VTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
LQYSC5lGC9/rB1ZtkItGWUmbDPbVEab/tSpTSNDIq6V2E1B8/SoNd2GbljkBH81YCak82SJPegHoY0hbwZLK/w==
x-fb-content-md5
c4e2cd866171984074a01fb1f941ddb1
cross-origin-opener-policy
same-origin-allow-popups
etag
"77096ca6cd189eb8aa03031594d84ef6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 05 Sep 2023 18:25:13 GMT
screenshot-2023-08-31-210708.png
user-assets.out.sh/user-assets/2073818/Fyz3vUmYieNtFtSp/
110 KB
111 KB
Image
General
Full URL
https://user-assets.out.sh/user-assets/2073818/Fyz3vUmYieNtFtSp/screenshot-2023-08-31-210708.png
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da971bd28a97a11847629d8a5c73610caeed79b81a6a49afde17b4ec70136cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
x-amz-version-id
r.1pJ2Lp.hJfwpbIZxcp92ufOQ_7yYO.
cf-cache-status
REVALIDATED
x-amz-request-id
EG5D61S3J1F3HBP8
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
112686
x-amz-id-2
o9ngwOuUNMvUIlHrFAxLArSKlOTEhNWSBtCbtF5D6ppfnE3hwxYUvwy0soI2ZKKocxR4ISBnA9CeFhfn/lkhEQ==
last-modified
Thu, 31 Aug 2023 20:07:42 GMT
server
cloudflare
etag
"2d3e13564231ff9aadba601e469fe350"
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
80206e7069019b86-FRA
expires
Tue, 05 Sep 2023 22:10:51 GMT
all.js
connect.facebook.net/en_US/
304 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=c352040ef4c64ce2df4a07e1c2629888
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be6ff9b52e6fc8f2a18e2cc7334e8019b09e3609b2c61dd4ab429ee9bed6043b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 18:10:51 GMT
content-md5
rKTYk6FearAwhYj3TAEhmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87320
x-fb-debug
phISyx6nzsCBbSGlC1hIjkbsibhB5GFH5w3KXdUDnvfXDdM4QLPSxmOGBgKbwsCd0L476pzyEwWILJwne1U0eg==
x-fb-content-md5
b4754d2e58ee3b4b781ae3e715bf34ff
cross-origin-opener-policy
same-origin-allow-popups
etag
"6e9cb4c320918023113ef789b8bed4db"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 Sep 2024 16:08:38 GMT
main.js
gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ Frame 02FD
Redirect Chain
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
7 KB
3 KB
Script
General
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H3
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a88eb46112ce70a5b6212eff35811f099cee1e0ffcd772127e2d7f5053bb0fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
80206e725b3d2c49-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
80206e70d8dd2c49-FRA
alt-svc
h3=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Lato:400,600,900|Inter:400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:02:59 GMT
x-content-type-options
nosniff
age
378472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 09:02:59 GMT
pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
13 KB
13 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c5f02b9dc1353e2fe5c53eb2a01c91fe40e891acc57f22b6bc7fb94d08097f

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:39 GMT
server
cloudflare
age
2941931
etag
"4abcbd61cf6530156823d922586ad6b5"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e7128ad1976-FRA
content-length
13380
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
11 KB
11 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adef62602f3fefd4e6f1d58bef7ff97640f6a52b55cc379d67ee4a283f3ac0b6

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:39 GMT
server
cloudflare
age
2941931
etag
"e635fbdb6d71c0aabd5d5ef365d5daf5"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e7128b11976-FRA
content-length
11380
pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
14 KB
14 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1d861f40e0b7a2773c61b30eaa39ba2af3d479aebd83dd7e03161de0e25298

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:35 GMT
server
cloudflare
age
2941931
etag
"6288b44a6fa27c081713d2aa82c9aad6"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e7128b21976-FRA
content-length
13964
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
11 KB
11 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-12.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6703613ee782790dd723b3096e965d2a7f7a29f14a27a857cd4350421954caca

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:39 GMT
server
cloudflare
age
2941931
etag
"295d59fde4985220de4456ec047fd1cf"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e7138c01976-FRA
content-length
11436
pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
17 KB
17 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-17.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd20a5ae445a0c34086b9a504c099ecfe640c1dc0d9d97b5911e10df7ac46961

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:39 GMT
server
cloudflare
age
2941931
etag
"51ec9792ca54ac424e139ec51e3516dd"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e7138c31976-FRA
content-length
17004
pro-fa-solid-900-11.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
22 KB
23 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-11.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d354b92cc50e26da3614dc045836c906802bd58876e9759d4884320874e203fd

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:39 GMT
server
cloudflare
age
1933797
etag
"64c95c33-59e8"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e7158f31976-FRA
content-length
23016
checkbox.png
gleam.io/images/
368 B
706 B
Image
General
Full URL
https://gleam.io/images/checkbox.png
Requested by
Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-dark-d6475f9e5929f7ff44b3edabdde820e5acad3f868c8e1e84f77cff814735c44d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.gleamjs.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
6150086
cf-polished
origFmt=png, origSize=655
content-disposition
inline; filename="checkbox.webp"
g-host
meepo14
alt-svc
h3=":443"; ma=86400
content-length
368
cf-bgj
imgq:85,h2pri
last-modified
Mon, 26 Jun 2023 13:32:16 GMT
server
cloudflare
etag
"64999360-28f"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
80206e71ea992c49-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
36 KB
36 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-brands-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be6055153370002a78a8fa734e28b81a566e49855686b500cbbf8d42129a38db

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:32 GMT
server
cloudflare
age
2941931
etag
"fa42cd9b611d8dfa7da57178fb80beac"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e71f9fc1976-FRA
content-length
36504
pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
38 KB
38 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-brands-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9837b15da4f9bb0f312eade52d306fa611ff2ce38faa7d601e816fa22f73ca5f

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:32 GMT
server
cloudflare
age
2941931
etag
"03e3486ca5bfde48fe827e153bf9c802"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e71f9fe1976-FRA
content-length
38752
pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
16 KB
16 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:35 GMT
server
cloudflare
age
2663819
etag
"64c95c2f-3f0c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e71f9ff1976-FRA
content-length
16140
pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/
11 KB
11 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-14.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:25:39 GMT
server
cloudflare
age
2941931
etag
"185c4ea4d4cebccf9e5a07bba2869381"
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
x-cache-status
HIT
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80206e71fa041976-FRA
content-length
10816
logo.svg
js.gleam.io/images/
731 B
575 B
Image
General
Full URL
https://js.gleam.io/images/logo.svg
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 13:07:24 GMT
server
cloudflare
age
5917
etag
W/"64f7280c-2db"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
g-host
meepo14
cf-ray
80206e724b1f2c49-FRA
alt-svc
h3=":443"; ma=86400
telegram-widget.js
telegram.org/js/
20 KB
6 KB
Script
General
Full URL
https://telegram.org/js/telegram-widget.js
Requested by
Host: gleam.io
URL: https://gleam.io/jAZ7W/virtual-versions-x-work-x-giveaway?gsr=jAZ7W-KOjgsKS5IU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 18:10:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
etag
W/"642abc84-4ff5"
content-type
application/javascript
cache-control
max-age=345600
expires
Sat, 09 Sep 2023 18:10:51 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2FjAZ7W%2Fvirtual-versions-x-work-x-giveaway%3Fgsr%3DjAZ7W-KOjgsKS5IU&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c352040ef4c64ce2df4a07e1c2629888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 05 Sep 2023 18:10:52 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
KHcT+0+iatsAPOgd2TaAAz0zwEFb42olIZju4kwBLQm7gMUWXf+BrxWi9tXkn3DQvwQK+Qw1EU92FtzSDvVEvw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gleam.io
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
80206e6b8cd990d4
gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 02FD
0
305 B
XHR
General
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/80206e6b8cd990d4
Requested by
Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Sep 2023 18:10:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
80206e73cd532c49-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| fallbackToHostedFontAwesome string| campaignKeyOverride string| actionMarketingAppName function| escapeStringRegexp function| tagToHashtagRegExp function| Cookies function| _getGSAP function| CSSPlugin object| cssCore function| _removeLinkedListItem function| _removeProperty function| PropTween function| _getAllStyles function| ClassNamePlugin object| LocalStorage string| TALKER_TYPE string| TALKER_ERR_TIMEOUT function| objectCreate function| defer function| Talker function| jqueryLikeOn function| withParam function| addExpid function| $ function| jQuery function| jsmd5 object| fraudService function| ClipboardJS function| elementResizeDetectorMaker object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| simulateEvent function| trackEvent function| trackPageview function| moment object| angular object| Gleam object| ifvisible object| linkify string| pageType string| pageViewOverride object| messageBundle string| facebookAppId object| FingerprintJS function| gleamFraudCalculator object| FB object| __core-js_shared__ object| Sslac object| IN function| parseLinkedIn object| conversionTracking undefined| configPayload function| fbAsyncInit function| fbLazyInitPost number| telegramBotId object| __buffer function| __parseFunction object| Telegram

11 Cookies

Domain/Path Name / Value
gleam.io/ Name: PP-jAZ7W
Value: *
gleam.io/ Name: owner_token
Value: t3hbm0ozU830l3uo55B5AQ
gleam.io/ Name: SH-jAZ7W
Value: KOjgsKS5IU
.gleam.io/ Name: __cf_bm
Value: 9ERmtOpR9XxnAASI2FHFBdxrNODf8UflNZTXxjxuwIw-1693937450-0-AfLaQ1SlBYLuO+moiA7LcF608mr9pMaYFAjKvv4tbeAfksRxH7/gGERmJ5vQrYIkICT6xN8CnwX9Z+YqXVJ0jfI=
gleam.io/ Name: RL-jAZ7W
Value: https%3A%2F%2Fgleam.io%2FjAZ7W%2Fvirtual-versions-x-work-x-giveaway
gleam.io/ Name: RR-jAZ7W
Value: https%3A%2F%2Ftrack-location-6.mrwh908h.repl.co%2F
gleam.io/ Name: _gfpc
Value: t
gleam.io/ Name: XSRF-TOKEN
Value: YCLff_quSPWhkCzSIiB4Ia69Ds8K_Pji6013ewYwrd-UGdO7MPkbqdVNgCsU-uazSTpq24yreTGTmpYekQ2eqA
gleam.io/ Name: _app_session
Value: 7N8HhWYhW1gaEA5Cno%2BAJOTVVWHF6LSOme2ZfNlP9JvZuSgWm7NUSH0b04sRTK34h1tfrLpEe1fVkJBctIISkVsCucFqGQdXL9aYMcuNYfJpIPW0KyHMP6%2F7e9Z79cPnEDKD7R0tNhac0zD2TNKTIHXPiH%2BcZ5y%2F5mNdyURNuT8xkEOeK%2BSfz9rldF21J6aGauBHAvd%2Ff%2BGRUf9uUKn8nIU6JQYhEDyYsyjyIS2v7rHDSKosvBiPaR%2B3O9lStBwSCIgdeHd4hTJ241pkAh0Wxb7z4i7HlfIJIEFvnMtSDEfJCupjsANfjbv4--cNxs8E9AzSd22cMs--oMXA85Rj%2B8pSMgRU0FW3Ug%3D%3D
gleam.io/ Name: fpr
Value: 95be929b18cac88bd13984f1739325c6.6e92ef6e41c385f8e0b2735333abc653
.gleam.io/ Name: cf_clearance
Value: .5Ed44qSryNK_MEFPHXMCHJTgFPNeaE6wmVhRGenOzo-1693937452-0-1-1f0bbb66.bfc000dd.6f54e9c2-0.2.1693937452

1 Console Messages

Source Level URL
Text
security warning URL: https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt(Line 54)
Message:
Mixed Content: The page at 'https://track-location-6.mrwh908h.repl.co/c/2h4memo/aHR0cHM6Ly93bi5uci9FckFqVDJt' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://000webhost.com/?__cf_chl_jschl_tk__=gUwvgP4U.d3mjLABceeM1Hoq0yzKoVb2_YClw1ApwLs-1640764924-0-gaNycGzNA70'. This endpoint should be made available over a secure connection.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=6986848; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
