gleam.io Open in urlscan Pro
172.66.43.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wn.nr/XS7MSHt
Effective URL:
https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Submission: On November 18 via manual (November 18th 2024, 6:21:14 pm UTC) from HR — Scanned from DE

Summary HTTP 46 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 46 HTTP transactions. The main IP is 172.66.43.179, located in United States and belongs to CLOUDFLARENET, US. The main domain is gleam.io. The Cisco Umbrella rank of the primary domain is 82999.
TLS certificate: Issued by WE1 on November 10th 2024. Valid for: 3 months.

This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.210.9.50 3.210.9.50	14618 (AMAZON-AES) (AMAZON-AES)
3 12	172.66.43.179 172.66.43.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.20.100 104.18.20.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.31.181 104.18.31.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f27... 2a03:2880:f276:1e9:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:780... 2a02:26f0:780::5f65:36e0	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.9.67 104.18.9.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:17eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (Telegram ...) (Telegram Telegram Messenger Inc)
4	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
46	17

1 3.210.9.50 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-9-50.compute-1.amazonaws.com

wn.nr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.66.43.179 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.100 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fraudjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.31.181 (None, )

ASN13335 (CLOUDFLARENET, US)

widget.gleamjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:1e9:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:36e0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.9.67 (None, )

ASN13335 (CLOUDFLARENET, US)

user-assets.out.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:17eb (United States)

ASN13335 (CLOUDFLARENET, US)

images.gleamio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (Telegram Telegram Messenger Inc, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2020 ka-p.fontawesome.com — Cisco Umbrella Rank: 3310	430 KB
12	gleam.io 3 redirects gleam.io — Cisco Umbrella Rank: 82999 js.gleam.io — Cisco Umbrella Rank: 99758	475 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1634	30 KB
2	gstatic.com fonts.gstatic.com	84 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
2	gleamjs.io widget.gleamjs.io — Cisco Umbrella Rank: 104808	429 KB
2	fraudjs.io cdn.fraudjs.io — Cisco Umbrella Rank: 281048	19 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 120
1	telegram.org telegram.org — Cisco Umbrella Rank: 10608	6 KB
1	gleamio.com images.gleamio.com — Cisco Umbrella Rank: 259427	54 KB
1	out.sh user-assets.out.sh — Cisco Umbrella Rank: 310079	2 MB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3945	160 KB
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1931	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	wn.nr 1 redirects wn.nr	354 B
46	17

	Domain	Requested by
14	ka-p.fontawesome.com	kit.fontawesome.com ka-p.fontawesome.com
10	gleam.io	3 redirects gleam.io widget.gleamjs.io static.cloudflareinsights.com
4	platform.twitter.com	gleam.io platform.twitter.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.youtube.com	gleam.io www.youtube.com
2	connect.facebook.net	gleam.io connect.facebook.net
2	js.gleam.io	gleam.io
2	widget.gleamjs.io	gleam.io
2	cdn.fraudjs.io	gleam.io
1	www.facebook.com	connect.facebook.net
1	telegram.org	gleam.io
1	images.gleamio.com	gleam.io
1	user-assets.out.sh	gleam.io
1	static.cloudflareinsights.com	gleam.io
1	platform.linkedin.com	gleam.io
1	www.instagram.com	gleam.io
1	fonts.googleapis.com	gleam.io
1	kit.fontawesome.com	gleam.io
1	wn.nr	1 redirects
46	19

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
instagram.com
youtube.com
twitter.com
twitch.tv
www.kick.com
discord.gg
www.tiktok.com
steamcommunity.com
t.me

Subject Issuer	Validity	Valid
gleam.io WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
widget.gleamjs.io E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.fraudjs.io E5	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-10-17` - `2024-11-25`	a month	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-03-29` - `2025-03-28`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-27` - `2024-11-25`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
out.sh E5	`2024-11-09` - `2025-02-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
gleamio.com WE1	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2024-08-10` - `2025-09-11`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Frame ID: 4FD984CCAE6192D78A69D57DC6FCE0F7
Requests: 45 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: BFD3A73A3EAB4C817D9474D9D46A764B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgleam.io
Frame ID: 3DE7684331635E77DA797A67B9624BC9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=true&hideThread=true&id=1858224784401731922&lang=en&origin=https%3A%2F%2Fgleam.io%2F1wXeM%2Floba-x-shuffle-10-iphone-16-giveaway%3Fgsr%3D1wXeM-Balv2gOfrl&sessionId=225a43cd74e25b381545c3d12ab4d9a8e5fb40a4&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 3F62503D012D947D0875D79219310BA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LOBA x SHUFFLE 10 iPHONE 16 GIVEAWAY

Page URL History Show full URLs

https://wn.nr/XS7MSHt HTTP 301
https://gleam.io/1wXeM-Balv2gOfrl HTTP 301
https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

46
Requests

96 %
HTTPS

65 %
IPv6

17
Domains

19
Subdomains

17
IPs

4
Countries

4044 kB
Transfer

7985 kB
Size

13
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/p/DCeyFT1OJC7/
Title: HERE

Search URL Search Domain Scan URL

URL: https://instagram.com/lobanjica853
Title: instagram.com/lobanjica853

Search URL Search Domain Scan URL

URL: https://instagram.com/lobanjica853?ref=badge
Title: Visit lobanjica853 on Instagram

Search URL Search Domain Scan URL

URL: https://instagram.com/shuffle
Title: instagram.com/shuffle

Search URL Search Domain Scan URL

URL: https://instagram.com/shuffle?ref=badge
Title: Visit shuffle on Instagram

Search URL Search Domain Scan URL

URL: https://instagram.com/lobanjicacs
Title: instagram.com/lobanjicacs

Search URL Search Domain Scan URL

URL: https://instagram.com/lobanjicacs?ref=badge
Title: Visit lobanjicacs on Instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/@LOBA853
Title: youtube.com/@LOBA853

Search URL Search Domain Scan URL

URL: https://youtube.com/@lobanjicaLIVE/featured
Title: youtube.com/@lobanjicaLIVE/featured

Search URL Search Domain Scan URL

URL: https://youtube.com/@LobaCS2
Title: youtube.com/@LobaCS2

Search URL Search Domain Scan URL

URL: https://twitter.com/LobanjicaCS
Title: twitter.com/LobanjicaCS

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=LobanjicaCS
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/Shufflecom
Title: twitter.com/Shufflecom

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=Shufflecom
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/lobarewards
Title: twitter.com/lobarewards

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=lobarewards
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1858224784401731922
Title: Repost @LobanjicaCS

Search URL Search Domain Scan URL

URL: https://twitch.tv/Lobanjicaa
Title: twitch.tv/Lobanjicaa

Search URL Search Domain Scan URL

URL: https://www.kick.com/Lobanjica
Title: https://www.kick.com/Lobanjica

Search URL Search Domain Scan URL

URL: https://www.kick.com/shufflecom
Title: https://www.kick.com/shufflecom

Search URL Search Domain Scan URL

URL: https://discord.gg/2xDzH7GF37
Title: Join #moderator-only

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@lobanjica_clips
Title: https://www.tiktok.com/@lobanjica_clips

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@shuffle
Title: https://www.tiktok.com/@shuffle

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/groups/Lobanjica
Title: https://steamcommunity.com/groups/Lobanjica

Search URL Search Domain Scan URL

URL: https://t.me/shufflecom
Title: t.me/shufflecom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wn.nr/XS7MSHt HTTP 301
https://gleam.io/1wXeM-Balv2gOfrl HTTP 301
https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://gleam.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js HTTP 301
https://cdn.fraudjs.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js

Request Chain 19

https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

46 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request loba-x-shuffle-10-iphone-16-giveaway Show response
gleam.io/1wXeM/
Redirect Chain

https://wn.nr/XS7MSHt
https://gleam.io/1wXeM-Balv2gOfrl
https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

202 KB
38 KB

581ms
580ms

Document
text/html

172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71606a6816e1833bafa66168d476742655ef32bab27120ea1fb7cf1157814b54

Security Headers

Name	Value
Content-Security-Policy	object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: BYPASS
cf-ray: 8e49fa67ffcb9b2b-FRA
content-encoding: br
content-security-policy: object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 18:21:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
g-host: meepo38
link: <https://gleam.io/assets/widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js>; rel=preload; as=script; nopush
pragma: no-cache
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: a1e1725f-4011-45a0-8266-a78ca33fb6d2
x-robots-tag: noindex, nofollow
x-runtime: 0.054596
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: BYPASS
cf-ray: 8e49fa665e989b2b-FRA
content-security-policy: frame-ancestors 'self'; object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 18:21:04 GMT
g-host: meepo41
location: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 99af4791-a508-4830-a1e7-67cc559c3145
x-robots-tag: googlebot: nofollow noindex
x-runtime: 0.019712
x-xss-protection: 1; mode=block

GET
H3 200 widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css
gleam.io/assets/ 264 KB
59 KB 44ms
41ms Stylesheet
text/css 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/assets/widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cbc61591490ef7424cd6f4fe1d23ac0211259468f83dce943ba74eb145afe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6721a0d1-421c7"
age: 998531
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css
last-modified: Wed, 30 Oct 2024 02:58:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=315360000
g-host: meepo45
cf-ray: 8e49fa6bab359b2b-FRA
access-control-allow-origin: https://js.gleam.io
server: cloudflare

GET
H3 200 w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js Show response
gleam.io/assets/ 1 MB
370 KB 89ms
86ms Script
application/x-javascript 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/assets/w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d3bd2668ac9b6d8a5eb38a58117a6658a397e819846a044c898089984ead48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6721a0de-12f127"
age: 1696212
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 02:58:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=315360000, public
cf-ray: 8e49fa6bab369b2b-FRA
access-control-allow-origin: https://js.gleam.io
server: cloudflare

GET
H2

200

fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js Show response
cdn.fraudjs.io/assets/
Redirect Chain

https://gleam.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js
https://cdn.fraudjs.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js

49 KB
19 KB

145ms
43ms

Script
application/x-javascript

104.18.20.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fraudjs.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Server: 104.18.20.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2a9de5e0c6e3c46f149bf072c6a2f9f0460737aa5fe0ecfc47fb33b018bea5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6721a0d3-c4a5"
age: 1140202
cf-ray: 8e49fa6d4d7a8fce-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 02:58:27 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
location: https://cdn.fraudjs.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js
x-content-type-options: nosniff
cf-ray: 8e49fa6bab389b2b-FRA
expires: Mon, 18 Nov 2024 19:21:05 GMT
access-control-allow-origin: https://js.gleam.io
alt-svc: h3=":443"; ma=86400
content-length: 167
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js Show response
widget.gleamjs.io/assets/ 1 MB
370 KB 128ms
40ms Script
application/x-javascript 104.18.31.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d3bd2668ac9b6d8a5eb38a58117a6658a397e819846a044c898089984ead48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6721a0d3-12f127"
age: 1180593
cf-ray: 8e49fa6c3b5c37e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 02:58:27 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css
widget.gleamjs.io/assets/ 264 KB
58 KB 152ms
64ms Stylesheet
text/css 104.18.31.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64cbc61591490ef7424cd6f4fe1d23ac0211259468f83dce943ba74eb145afe5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
g-host: meepo45
etag: W/"6721a0d1-421c7"
age: 1181456
cf-cache-status: HIT
cf-ray: 8e49fa6c3b5737e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css
last-modified: Wed, 30 Oct 2024 02:58:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 b36c7d9009.css
kit.fontawesome.com/ 299 B
521 B 104ms
43ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/b36c7d9009.css
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b6b3f692defbeb21372912758663407687ae822e002a26ca74440054c72e036

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://gleam.io/

Response headers

access-control-max-age: 3000
x-request-id: GALTz39Lbw2UrjHMieKh
cache-control: max-age=300, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: HIT
age: 221
access-control-allow-methods: GET, OPTIONS
cf-ray: 8e49fa6c091018f7-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 97ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1de25148ccf4059831c047b326adcab9d594ec8807a81b5342923e1059855c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 18:21:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 18 Nov 2024 18:15:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js Show response
cdn.fraudjs.io/assets/ 49 KB
0 2ms
1ms Script
application/x-javascript 104.18.20.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fraudjs.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2a9de5e0c6e3c46f149bf072c6a2f9f0460737aa5fe0ecfc47fb33b018bea5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6721a0d3-c4a5"
age: 1140202
cf-ray: 8e49fa6d4d7a8fce-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 02:58:27 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 embed.js Show response
www.instagram.com/ 57 KB
20 KB 364ms
202ms Script
application/x-javascript 2a03:2880:f276:1e9:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e233d493f3a7537480689143e1a1731e636354110b5482ef819c15097ffd248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-md5: stgptKs8Tq1UOshJKwvJEg==
access-control-expose-headers: X-FB-Content-MD5
x-stack: www
content-encoding: zstd
etag: "aed2863007fee62d1a81ca6b9f5d398f"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 18:41:05 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
x-fb-debug: o2U2NEIo0FVwu+IfVnJbLWna9Ng7hfr6LRgwhalLS8qGRbWYgc6bL+dAWv6RAEzy7/6LVuC7nT0dM54syAIwrw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-content-md5: 888e3bea520be36b0542963119dcff12
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 20727
origin-agent-cluster: ?1

GET
H3 200 logo.svg
js.gleam.io/images/ 731 B
590 B 81ms
67ms Image
image/svg+xml 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
g-host: meepo38
etag: W/"6735cf5b-2db"
age: 1370
cf-cache-status: HIT
x-content-type-options: nosniff
cf-ray: 8e49fa6c9c089b2b-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 10:22:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 120ms
29ms Script
text/javascript 2a02:26f0:780::5f65:36e0
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:36e0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Play /

Resource Hash

f16a9696b3176614d3fe439def6fd9754fd489877999517b99b3b2f265cb7990

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

x-li-pop: prod-lva1-x
cache-control: public, max-age=3600
content-encoding: gzip
x-cdn: AKAM
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 18:56:30 GMT
x-li-uuid: AAYnM6LnXXQwppciKa5P9Q==
x-li-proto: http/1.1
content-length: 163630
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: Play
x-cdn-client-ip-version: IPV6

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 212ms
43ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://gleam.io/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e49fa6f4a359142-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
180 KB 147ms
39ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-2cce4"
age: 323728
cf-ray: 8e49fa6d7b75d344-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 183524
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
7 KB 169ms
60ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=b36c7d9009
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b8-1c1c"
age: 1050766
cf-ray: 8e49fa6d8b7cd344-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7196
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 custom-icons.css
ka-p.fontawesome.com/assets/b36c7d9009/131276305/ 12 KB
8 KB 169ms
61ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/assets/b36c7d9009/131276305/custom-icons.css?token=b36c7d9009
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55638b4aeb9090a1f15479188e20ca64d8382a0dad3c130e544d6dc07ee36a40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

x-cache-status: MISS
cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"169649f8d41abcad1071efc2280eaf39"
age: 1174224
cf-ray: 8e49fa6d7b7bd344-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/css
last-modified: Tue, 13 Aug 2024 14:35:00 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 76ms
32ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

260434c8ec2ad1ec034d0a4c54b1b23fd5d4931cb6a454a29a4db3923146f796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-md5: 6d1XavmjoHsonn2RwBOs6g==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "2970cd1426c69fcdeb371196bedd86d9"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 18:21:54 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: fdf718d05536fadf5e04c349678d6028
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4442, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug: L/8nlMH84VOOH/AO0w8RKqQaRtJ+ZrumQYtrLskccCUvN41DHipwXNUZLtiFIiz1m8rDzsC9Mni728xn+HIPAg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1684
origin-agent-cluster: ?1

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 135ms
56ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62a192ba53271f87017480bd8a6ad75418f2648788f4e65cfba45dd7f615fb27

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Mon, 18 Nov 2024 18:21:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 loba-x-shuffle-iphone-giveaway---gleam-bg.png
user-assets.out.sh/user-assets/2177778/E3mlaVaQQ8vUofCr/ 2 MB
2 MB 236ms
152ms Image
image/webp 104.18.9.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-assets.out.sh/user-assets/2177778/E3mlaVaQQ8vUofCr/loba-x-shuffle-iphone-giveaway---gleam-bg.png
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e71d80976b5c4251a67afedc1fe7861354aa7d110da8fa40159418ef268a7e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

cf-bgj: imgq:85,h2pri
etag: "289f27ab793db677cca7ca14f379def8"
x-amz-version-id: ORabqIlsQ7ET1ZsKOkP7VbbwWWrjV6E.
cf-cache-status: HIT
expires: Mon, 18 Nov 2024 22:21:05 GMT
cf-polished: origFmt=png, origSize=7204554
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: image/webp
content-disposition: inline; filename="loba-x-shuffle-iphone-giveaway---gleam-bg.webp"
vary: Accept
last-modified: Sat, 16 Nov 2024 15:40:18 GMT
x-amz-id-2: vnxioKNR31/15UHg+cA2puwbzdMciQ3dTawLFY83PB8aH3I0uftdbnscn+VQpjp54/BaMt6Q8NI=
cache-control: public, max-age=14400
x-amz-request-id: PGHSF8HJPWHW9NTQ
cf-ray: 8e49fa6f9a6c9b3f-FRA
accept-ranges: bytes
content-length: 2282846
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 256 KB
75 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=75d3ceebc99e6d4fbeb715dea02560bb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

519676fc4a84fca495aae8b3d5ae6a6fa0ea28276269c59760daca285b99778c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://gleam.io/

Response headers

content-md5: UjDGn7n1Anz1x9GvAO9ing==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "1899fc7c007def007e43d750020403f5"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 17:16:03 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 227028eeb449064b9c1562bc4628ff27
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1825, tp=5, tpl=0, uplat=3, ullat=-1
x-fb-debug: WEOQD5s5n9nWGuaLj8Y6ZmwlBiiXOc/MownOAVGcfks0/qSLnl1hszoDqtwQiw8hyNANOszJEB6B/j0gMSE89Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76216
origin-agent-cluster: ?1

GET
H3

200

main.js Show response
gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame BFD3
Redirect Chain

https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

41ms
40ms

Script
application/javascript

172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aeb0b5b7889a43fa596a3b915881050ce5c9d2fbbf2c8e4f5405e75a94b8023

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8e49fa7278d29b2b-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
x-content-type-options: nosniff
cf-ray: 8e49fa6fae959b2b-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 18:21:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://fonts.googleapis.com/

Response headers

age: 442365
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:28:21 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 15 KB
15 KB 128ms
123ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-3d88"
age: 1093698
cf-ray: 8e49fa72c8bf18f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15752
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 116ms
26ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://fonts.googleapis.com/

Response headers

age: 399285
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 03:26:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 03:26:21 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 14 KB
14 KB 98ms
93ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-1.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecdb8e5d122f3c7d50eb502ef2eeab04d673bfbb9606325d1acb5a9ecf3ea5b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-36d0"
age: 1424239
cf-ray: 8e49fa72b89e18f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14032
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 12 KB
12 KB 97ms
92ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-0.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-2ed4"
age: 1095611
cf-ray: 8e49fa72b8a018f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11988
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 14 KB
14 KB 126ms
122ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70159909cf9a1df78dadf35e0bea44c9b8ab4bfa5b675ccdc28acfc5333151fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63a-38f4"
age: 992745
cf-ray: 8e49fa72b8a218f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14580
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:10 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 checkbox.png
gleam.io/images/ 368 B
706 B 74ms
74ms Image
image/webp 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gleam.io/images/checkbox.png

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.gleamjs.io/

Response headers

cf-bgj: imgq:85,h2pri
etag: "671916ba-28f"
age: 1768694
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origFmt=png, origSize=655
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: image/webp
content-disposition: inline; filename="checkbox.webp"
vary: Accept
last-modified: Wed, 23 Oct 2024 15:31:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=315360000
g-host: meepo42
cf-ray: 8e49fa7198279b2b-FRA
accept-ranges: bytes
content-length: 368
server: cloudflare

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 252 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59409273a95b0ed40a1eda700086785430dae3d0f0efee99bffd67b8877d6007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 37 KB
37 KB 96ms
91ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a637-9204"
age: 1083174
cf-ray: 8e49fa72b8a418f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37380
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:07 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b12671ae3705a8a2f618fc8053b9cb5fdc3e616a9cfbfe3e1f04967ba5e0a957

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer

Response headers

Content-Type: font/woff2

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 40 KB
40 KB 128ms
124ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a637-9e3c"
age: 1787006
cf-ray: 8e49fa72b8a518f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40508
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:07 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 17 KB
17 KB 126ms
122ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-regular-400-1.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab1bc600262d1105f7c72c4698f963f18a63559af0ce449e1098a5c2e370f4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63a-422c"
age: 818888
cf-ray: 8e49fa72b8a918f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16940
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:10 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 13 KB
13 KB 125ms
121ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-14.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57143177f2457af31b1cf55d603b44803355258a54bf573d94e7ed452f7a8786

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-353c"
age: 1435078
cf-ray: 8e49fa72b8aa18f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13628
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-solid-900-7.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 22 KB
22 KB 126ms
122ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-7.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3355042ad673535518421cb7617f9ee9e9629ab1bd7859dbdd74cf15bc6889d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a640-5920"
age: 7219165
cf-ray: 8e49fa72b8ab18f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22816
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:16 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-solid-900-15.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 12 KB
12 KB 126ms
123ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-15.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f630d2f965cc34b0c256ce51eaaaea21ec0cd43059a0aff87013aa0cfde278

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-3064"
age: 917507
cf-ray: 8e49fa72b8ac18f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12388
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-brands-400-2.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 38 KB
39 KB 124ms
121ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-2.woff2
Requested by: Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93971a7609a14e0f68bf1f0d8e87e28f2c5de0d3416ac783a7178337a8a0c92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://gleam.io
Referer: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a638-99d8"
age: 905613
cf-ray: 8e49fa72b8ae18f7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39384
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:08 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 loba-x-shuffle-iphone-giveaway---1920x1080.png
images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/2177778/DHa1SBC4baMZE98S/ 53 KB
54 KB 153ms
61ms Image
image/avif 2606:4700::6812:17eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/2177778/DHa1SBC4baMZE98S/loba-x-shuffle-iphone-giveaway---1920x1080.png

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:17eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d4929fd16a9f74d87d63115ab2ef1c4241d4405e2ae6170b29a4bf661f5259

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

cf-cache-status: HIT
etag: "cfEzeJHqNafeR8smkIqxUmldiSiHlin5-dsK3_kpnHDQ:2310a6b5fe20eff698ab199dbd155708"
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=27+485 c=35+353 v=2024.10.6 l=54594 f=false
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: image/avif
last-modified: Sat, 16 Nov 2024 15:38:48 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=14400
cf-ray: 8e49fa72e83a1d9a-FRA
accept-ranges: bytes
content-length: 54594
server: cloudflare

GET
H2 200 telegram-widget.js Show response
telegram.org/js/ 20 KB
6 KB 149ms
32ms Script
application/javascript 2001:67c:4e8:f004::9
Telegram Telegram...

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-widget.js

Requested by

Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=345600
content-encoding: gzip
etag: W/"642abc84-4ff5"
expires: Fri, 22 Nov 2024 18:21:06 GMT
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: application/javascript
last-modified: Mon, 03 Apr 2023 11:46:12 GMT
server: nginx/1.18.0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5f315c3d/www-widgetapi.vflset/ 30 KB
10 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5f315c3d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-encoding: br
age: 35377
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 08:31:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 08:31:29 GMT
last-modified: Mon, 18 Nov 2024 05:21:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 103ms
29ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gleam.io
URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Mon, 18 Nov 2024 18:21:06 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200137-IAD, cache-fra-etou8220060-FRA
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 98ms
56ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2F1wXeM%2Floba-x-shuffle-10-iphone-16-giveaway%3Fgsr%3D1wXeM-Balv2gOfrl&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=75d3ceebc99e6d4fbeb715dea02560bb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

access-control-expose-headers: fb-s
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438686073187238282"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: text/plain; charset=UTF-8
x-fb-debug: 0DA9fEEdBcwkH/Z3lZyHl3pLDLb43BHGCBUn19svqAP/o4M8hi209r+AgOTYVA8x81ixbuyEfsF/XNNj/TyVWw==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438686073187238282", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control: private, no-cache, no-store, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4441, tp=9, tpl=0, uplat=32, ullat=0
pragma: no-cache
fb-s: unknown
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://gleam.io
content-length: 0
origin-agent-cluster: ?1

POST
H3 200 8e49fa67ffcb9b2b Show response
gleam.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BFD3 0
1 KB 48ms
38ms XHR
text/plain 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/jsd/r/8e49fa67ffcb9b2b

Requested by

Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=1Q.8V6dTb.cv8BhIe09iyHJ25_XUnipy.I6s.VJ0yl8-1731954066-1.0.1.1-XnBE6Y5BDWtC1MOP9zErBJxLbABlGKIpMaanRT_KJOvYSuDMo_ZMtQ0Ep9crtBOhUIlslAxv_lKFswoakPg.HK_dNpanTtk3Lmka2UcYQAvcvR2FJ6dnFYijv6zCqTxmXAE3bi1oR6wzkxNoMUK2jw"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=1Q.8V6dTb.cv8BhIe09iyHJ25_XUnipy.I6s.VJ0yl8-1731954066-1.0.1.1-XnBE6Y5BDWtC1MOP9zErBJxLbABlGKIpMaanRT_KJOvYSuDMo_ZMtQ0Ep9crtBOhUIlslAxv_lKFswoakPg.HK_dNpanTtk3Lmka2UcYQAvcvR2FJ6dnFYijv6zCqTxmXAE3bi1oR6wzkxNoMUK2jw; report-to cf-csp-endpoint
cf-ray: 8e49fa741a0c9b2b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 3DE7 0
0 92ms
29ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgleam.io
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 18:21:06 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-etou8220097-FRA

POST
H3 204 rum Show response
gleam.io/cdn-cgi/ 0
136 B 42ms
41ms XHR
text/plain 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e49fa765bfb9b2b-FRA
access-control-allow-origin: https://gleam.io
date: Mon, 18 Nov 2024 18:21:06 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.svg
js.gleam.io/ 440 B
445 B 45ms
44ms Other
image/svg+xml 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.gleam.io/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fda06989c001f8645052af2f8be047113cf7dfdce1673c1f1f0f3a49d2b30000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
g-host: meepo44
etag: W/"6735cf5b-1b8"
age: 3510
cf-cache-status: HIT
x-content-type-options: nosniff
cf-ray: 8e49fa765c029b2b-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 18:21:06 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Nov 2024 10:22:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tweet.d7aeb21a88e025d2ea5f5431a103f586.js Show response
platform.twitter.com/js/ 8 KB
3 KB 30ms
29ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gleam.io/

Response headers

content-encoding: gzip
etag: "1836187c57e3f0873abebe6985a39f5a+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Mon, 18 Nov 2024 18:21:07 GMT
last-modified: Mon, 11 Dec 2023 17:19:47 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200124-IAD, cache-fra-etou8220060-FRA
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2725
x-amz-server-side-encryption: AES256

GET
H2 200 Tweet.html
platform.twitter.com/embed/ Frame 3F62 0
0 34ms
32ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=true&hideThread=true&id=1858224784401731922&lang=en&origin=https%3A%2F%2Fgleam.io%2F1wXeM%2Floba-x-shuffle-10-iphone-16-giveaway%3Fgsr%3D1wXeM-Balv2gOfrl&sessionId=225a43cd74e25b381545c3d12ab4d9a8e5fb40a4&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800
content-encoding: gzip
content-length: 213
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 18:21:07 GMT
etag: "0d60462b44e0e0c34f053fa13e86675d+gzip"
last-modified: Thu, 05 Sep 2024 16:06:30 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kcgs7200058-IAD, cache-fra-etou8220097-FRA

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gleam.io/	1970-01-21 01:05:57	Name: PP-1wXeM Value: *
gleam.io/	1970-01-21 01:07:20	Name: owner_token Value: QLLmo0pxWjH5bB3LJLtpNw
gleam.io/	1970-01-21 01:26:03	Name: SH-1wXeM Value: Balv2gOfrl
.gleam.io/	1970-01-21 01:05:55	Name: __cf_bm Value: wXoX2VXVDjXHPvSibyCxTqEz97q7GsMWr2oyL8K_GqY-1731954064-1.0.1.1-cXsWGLa_pSIcBMunMLCrbGGyls2JuWPfWAoFK469ZCB1bHcedlRzh1d2NQ1n0gbW9swxBrq_ZlTlR79jWZ9_4g
gleam.io/	1970-01-21 01:07:20	Name: RL-1wXeM Value: https%3A%2F%2Fgleam.io%2F1wXeM%2Floba-x-shuffle-10-iphone-16-giveaway
gleam.io/	1969-12-31 23:59:59	Name: _gfpc Value: t
gleam.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: HQWd3dFRkUsZluasyVqAIC_6hV0hbUrgnluQe9-d8AeK7ciYC-7kxLlkIklWD3lCMNnIU0-Z8eU2ovSOjsxW0A
gleam.io/	1970-01-21 01:46:13	Name: _app_session Value: m%2FxPuTEPKwEcn6xFkeT%2BTMsSXp4z%2F92TpE0SsDW6PJKqT4Vny4JZ7%2FnkCqR5o2M8A2OFQa1GAjik8CneSuhBhLzvHTna%2Fa2yJhv0NR462Ett%2BgyU%2BQlmogMONTikH9xf9Za2Y%2B37fqJCZIkFlBVUpeIKd7vuqjM9Ig%2BMeWlRc5YhA3KHYDDPHwGE%2BWB9LxpGukUUOE4snsGL9mo6hcCyEPDrBRHcLDIOIH0HuxI24JO7jNtAO9COR4XTZBtWmDOPX3dFwrKQc1fnZxXOGRo0qRAF%2F6s1Q%2FUureGsJaEu3WxNevqPFy9Kn%2FVe--pIV3gpv92dV8BreO--pMHsRJzGyRh4b8Ej64APXw%3D%3D
gleam.io/	1969-12-31 23:59:59	Name: fpr Value: 9739d5ad4a774696b10a3b108cd18205.b26deaee2ac166a7aa845bad1a935f2f
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EajOUL4mbOM
.youtube.com/	1970-01-21 05:25:06	Name: VISITOR_INFO1_LIVE Value: r9xe8opSPN4
.youtube.com/	1970-01-21 05:25:06	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgMg%3D%3D
.gleam.io/	1970-01-21 09:51:30	Name: cf_clearance Value: GcAAqHT2xF8nE3cBZ63ayuTIxpOF1g_qgEFStEpssA4-1731954066-1.2.1.1-EYf60edcCBG6nbuLATKHkm.oZvl.N0X90hW98msDqDR2Mi2sdZ0a5ZjdHAVpFmDk.yJ.rEuBpBS15_8gdXPkfo_qRH7_CTermsI_xljE_tUZih9YIPvaqP_.FBMgJtoHJqVZlCk9rjpHrXYnII71YF4vyrR2imAFz5cDOAedrJ7UJ56geG6gxQj_EmiStutMtS6wBGKUUfrLpjTxQg8gC_VHe0rd9YWHR0cJsbi98lhjOy2xYKqw3riOoZFKnwF69Eel7ZeURORj6I7km99RZFTxS.eKNC2lvOkDmTydJvXjpvb7Ax6Euwy7xf2KeyVI_q4IOqiz_nfjxBU1c24gNQ.FZPugsFVJcSUvacHqPhHV2wS96vJY3PgPB.kULbW.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl Message: The resource https://gleam.io/assets/fraud-17ed70669a0e30ba6c68a015acc709cd5f2012a1bf7503ff2b5b6f0a6fae5cca.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl Message: The resource https://gleam.io/assets/w-e1a9388eafb856376b5e208bacf343254fba163403c9a56dd28794bb4ae8f994.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://gleam.io/1wXeM/loba-x-shuffle-10-iphone-16-giveaway?gsr=1wXeM-Balv2gOfrl Message: The resource https://gleam.io/assets/widget-classic-c03d2971b4406630415bc4cde256787a1883cef2c941ab626fe7b94fda47279b.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fraudjs.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gleam.io
images.gleamio.com
js.gleam.io
ka-p.fontawesome.com
kit.fontawesome.com
platform.linkedin.com
platform.twitter.com
static.cloudflareinsights.com
telegram.org
user-assets.out.sh
widget.gleamjs.io
wn.nr
www.facebook.com
www.instagram.com
www.youtube.com
104.18.20.100
104.18.31.181
104.18.9.67
146.75.120.157
172.66.43.179
2001:67c:4e8:f004::9
2606:4700:4400::6812:2844
2606:4700::6810:4f49
2606:4700::6812:17eb
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::200e
2a02:26f0:780::5f65:36e0
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a03:2880:f276:1e9:face:b00c:0:4420
3.210.9.50
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
0e233d493f3a7537480689143e1a1731e636354110b5482ef819c15097ffd248
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
1de25148ccf4059831c047b326adcab9d594ec8807a81b5342923e1059855c65
25f630d2f965cc34b0c256ce51eaaaea21ec0cd43059a0aff87013aa0cfde278
260434c8ec2ad1ec034d0a4c54b1b23fd5d4931cb6a454a29a4db3923146f796
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c
3355042ad673535518421cb7617f9ee9e9629ab1bd7859dbdd74cf15bc6889d6
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc
45d4929fd16a9f74d87d63115ab2ef1c4241d4405e2ae6170b29a4bf661f5259
519676fc4a84fca495aae8b3d5ae6a6fa0ea28276269c59760daca285b99778c
55638b4aeb9090a1f15479188e20ca64d8382a0dad3c130e544d6dc07ee36a40
57143177f2457af31b1cf55d603b44803355258a54bf573d94e7ed452f7a8786
59409273a95b0ed40a1eda700086785430dae3d0f0efee99bffd67b8877d6007
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
5e71d80976b5c4251a67afedc1fe7861354aa7d110da8fa40159418ef268a7e1
62a192ba53271f87017480bd8a6ad75418f2648788f4e65cfba45dd7f615fb27
64cbc61591490ef7424cd6f4fe1d23ac0211259468f83dce943ba74eb145afe5
67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486
6aeb0b5b7889a43fa596a3b915881050ce5c9d2fbbf2c8e4f5405e75a94b8023
70159909cf9a1df78dadf35e0bea44c9b8ab4bfa5b675ccdc28acfc5333151fc
71606a6816e1833bafa66168d476742655ef32bab27120ea1fb7cf1157814b54
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5
7b6b3f692defbeb21372912758663407687ae822e002a26ca74440054c72e036
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
a4d3bd2668ac9b6d8a5eb38a58117a6658a397e819846a044c898089984ead48
aab1bc600262d1105f7c72c4698f963f18a63559af0ce449e1098a5c2e370f4d
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
b12671ae3705a8a2f618fc8053b9cb5fdc3e616a9cfbfe3e1f04967ba5e0a957
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
ba2a9de5e0c6e3c46f149bf072c6a2f9f0460737aa5fe0ecfc47fb33b018bea5
c93971a7609a14e0f68bf1f0d8e87e28f2c5de0d3416ac783a7178337a8a0c92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdb8e5d122f3c7d50eb502ef2eeab04d673bfbb9606325d1acb5a9ecf3ea5b7
f16a9696b3176614d3fe439def6fd9754fd489877999517b99b3b2f265cb7990
fda06989c001f8645052af2f8be047113cf7dfdce1673c1f1f0f3a49d2b30000
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

gleam.io Open in urlscan Pro 172.66.43.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

96 %HTTPS

65 %IPv6

17 Domains

19 Subdomains

17 IPs

4 Countries

4044 kBTransfer

7985 kBSize

13 Cookies

25 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gleam.io Open in urlscan Pro
172.66.43.179 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

96 %
HTTPS

65 %
IPv6

17
Domains

19
Subdomains

17
IPs

4
Countries

4044 kB
Transfer

7985 kB
Size

13
Cookies

46 HTTP transactions
3 data transactions