Submitted URL: https://wn.nr/pjSLbwt
Effective URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Submission: On September 14 via manual from US — Scanned from CA

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 40 HTTP transactions. The main IP is 172.66.40.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is gleam.io. The Cisco Umbrella rank of the primary domain is 84278.
TLS certificate: Issued by WE1 on September 12th 2024. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.232.150.28 14618 (AMAZON-AES)
3 14 172.66.40.77 13335 (CLOUDFLAR...)
2 104.18.21.100 13335 (CLOUDFLAR...)
2 104.18.31.181 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
40 13
Apex Domain
Subdomains
Transfer
14 gleam.io
gleam.io — Cisco Umbrella Rank: 84278
js.gleam.io — Cisco Umbrella Rank: 103316
481 KB
13 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1900
ka-p.fontawesome.com — Cisco Umbrella Rank: 3287
372 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
2 gstatic.com
fonts.gstatic.com
80 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
87 KB
2 gleamio.com
images.gleamio.com — Cisco Umbrella Rank: 211777
221 KB
2 gleamjs.io
widget.gleamjs.io — Cisco Umbrella Rank: 112004
428 KB
2 fraudjs.io
cdn.fraudjs.io — Cisco Umbrella Rank: 262556
19 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 670
7 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3750
160 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 wn.nr
wn.nr
348 B
40 12
Domain Requested by
12 ka-p.fontawesome.com kit.fontawesome.com
ka-p.fontawesome.com
12 gleam.io 3 redirects gleam.io
widget.gleamjs.io
static.cloudflareinsights.com
3 www.facebook.com connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net gleam.io
connect.facebook.net
2 js.gleam.io gleam.io
2 images.gleamio.com gleam.io
2 widget.gleamjs.io gleam.io
2 cdn.fraudjs.io gleam.io
1 static.cloudflareinsights.com gleam.io
1 platform.linkedin.com gleam.io
1 fonts.googleapis.com gleam.io
1 kit.fontawesome.com gleam.io
1 wn.nr 1 redirects
40 14
Subject Issuer Validity Valid
gleam.io
WE1
2024-09-12 -
2024-12-11
3 months crt.sh
widget.gleamjs.io
E6
2024-09-13 -
2024-12-12
3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-01-27
6 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
cdn.fraudjs.io
E5
2024-09-12 -
2024-12-11
3 months crt.sh
gleamio.com
WE1
2024-08-11 -
2024-11-09
3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA
2024-03-29 -
2025-03-28
a year crt.sh
cloudflareinsights.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-23 -
2024-09-21
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh

This page contains 4 frames:

Primary Page: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Frame ID: 29267027C0B6191E6090DE83BF682589
Requests: 38 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: 60394F75D3CA4001C7007A6E3E52D72D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb52834b647ea7453%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ffe98140deb19c5286%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FPUBGMOBILE&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 6EFC25A6F989D1D29255C411FB3E615D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4e1d6708ae322fc6%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ffe98140deb19c5286%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPUBGMOBILE&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: F39F0F55EED2697DCC73301B2DD21757
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

PUBG MOBILE Bloodmoon Giveaway

Page URL History Show full URLs

  1. https://wn.nr/pjSLbwt HTTP 301
    https://gleam.io/Lf0W1-DDOAKzWBXT HTTP 301
    https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Page Statistics

40
Requests

95 %
HTTPS

69 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

1856 kB
Transfer

5693 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wn.nr/pjSLbwt HTTP 301
    https://gleam.io/Lf0W1-DDOAKzWBXT HTTP 301
    https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://gleam.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js HTTP 301
  • https://cdn.fraudjs.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
Request Chain 17
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pubg-mobile-bloodmoon-giveaway
gleam.io/Lf0W1/
Redirect Chain
  • https://wn.nr/pjSLbwt
  • https://gleam.io/Lf0W1-DDOAKzWBXT
  • https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
199 KB
36 KB
Document
General
Full URL
https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe99abfe1be9c1d37044d0bf70b5462fc26b0f0353c1d8db6976fcdd1978300
Security Headers
Name Value
Content-Security-Policy object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
BYPASS
cf-ray
8c2c67faaf4436c3-YYZ
content-encoding
br
content-security-policy
object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Sat, 14 Sep 2024 00:54:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
g-host
meepo37
link
<https://gleam.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-cfe141eecd0228e11512181beb0caca91f83ee863d3099de126bab2307721327.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-cfe141eecd0228e11512181beb0caca91f83ee863d3099de126bab2307721327.js>; rel=preload; as=script; nopush
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
94828937-fbc4-4377-b891-337bc5d4b205
x-robots-tag
noindex, nofollow
x-runtime
0.042365
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
BYPASS
cf-ray
8c2c67f9ae7236c3-YYZ
content-security-policy
frame-ancestors 'self'; object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Sat, 14 Sep 2024 00:54:30 GMT
g-host
meepo32
location
https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
8eb28b78-6f03-42fe-8830-33cdf4167ff1
x-robots-tag
googlebot: nofollow noindex
x-runtime
0.021681
x-xss-protection
1; mode=block
widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
gleam.io/assets/
265 KB
59 KB
Stylesheet
General
Full URL
https://gleam.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ea9410e29cd3e06a611647bb03864e8da46ff42e18f7baca5da7fee2705e91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
526781
g-host
meepo31
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 03 Sep 2024 11:38:42 GMT
server
cloudflare
etag
W/"66d6f542-42314"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000
cf-ray
8c2c67fbe83036c3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
w-cfe141eecd0228e11512181beb0caca91f83ee863d3099de126bab2307721327.js
gleam.io/assets/
1 MB
370 KB
Script
General
Full URL
https://gleam.io/assets/w-cfe141eecd0228e11512181beb0caca91f83ee863d3099de126bab2307721327.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a3134d70475a5e6c07b5922ce2b181b767ca74b032e5a28bede11d8aff7ed4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
526781
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 07 Sep 2024 09:55:44 GMT
server
cloudflare
etag
W/"66dc2320-12e873"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000, public
cf-ray
8c2c67fbe83336c3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
cdn.fraudjs.io/assets/
Redirect Chain
  • https://gleam.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
  • https://cdn.fraudjs.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
49 KB
19 KB
Script
General
Full URL
https://cdn.fraudjs.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Server
104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2a9de5e0c6e3c46f149bf072c6a2f9f0460737aa5fe0ecfc47fb33b018bea5

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 00:39:19 GMT
server
cloudflare
age
1642032
etag
W/"66cbceb7-c4a5"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
8c2c67ff8c6eaabc-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 14 Sep 2024 00:54:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://cdn.fraudjs.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=3600
cf-ray
8c2c67fbe83536c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Sat, 14 Sep 2024 01:54:31 GMT
w-cfe141eecd0228e11512181beb0caca91f83ee863d3099de126bab2307721327.js
widget.gleamjs.io/assets/
1 MB
370 KB
Script
General
Full URL
https://widget.gleamjs.io/assets/w-cfe141eecd0228e11512181beb0caca91f83ee863d3099de126bab2307721327.js
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a3134d70475a5e6c07b5922ce2b181b767ca74b032e5a28bede11d8aff7ed4

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 07 Sep 2024 09:55:42 GMT
server
cloudflare
age
571781
etag
W/"66dc231e-12e873"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
8c2c67fd5896ab51-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
widget.gleamjs.io/assets/
265 KB
59 KB
Stylesheet
General
Full URL
https://widget.gleamjs.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ea9410e29cd3e06a611647bb03864e8da46ff42e18f7baca5da7fee2705e91

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2024 11:38:42 GMT
server
cloudflare
age
911286
etag
W/"66d6f542-42314"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
g-host
meepo31
cf-ray
8c2c67fd5895ab51-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
b36c7d9009.css
kit.fontawesome.com/
299 B
521 B
Stylesheet
General
Full URL
https://kit.fontawesome.com/b36c7d9009.css
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6b3f692defbeb21372912758663407687ae822e002a26ca74440054c72e036

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
34
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=300, public, stale-while-revalidate=30
cf-ray
8c2c67fdda123a05-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-tQbWg1gRlVOoBF8Txi
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
469396b425e41f947ec2419ea0a49091c6275add55093ab102b2b8a8cf885fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Sep 2024 00:54:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Sep 2024 00:54:31 GMT
fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
cdn.fraudjs.io/assets/
49 KB
0
Script
General
Full URL
https://cdn.fraudjs.io/assets/fraud-3397b5a37d6c96586c0e7a983951c90efa463221b384dffd056413b1ed27fbd3.js
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2a9de5e0c6e3c46f149bf072c6a2f9f0460737aa5fe0ecfc47fb33b018bea5

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 00:39:19 GMT
server
cloudflare
age
1642032
etag
W/"66cbceb7-c4a5"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
8c2c67ff8c6eaabc-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
pubg_mobile_simple_black@2048px.png
images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1024,onerror=redirect/https://gleam-prod-user-assets.s3.amazonaws.com/user-assets/785256/8R5R21mRpOun7mCZ/
46 KB
46 KB
Image
General
Full URL
https://images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1024,onerror=redirect/https://gleam-prod-user-assets.s3.amazonaws.com/user-assets/785256/8R5R21mRpOun7mCZ/pubg_mobile_simple_black@2048px.png
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:16eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046099e2db6768d631db9ebef20d173006c64360fb1ef25e4135d5c0303c0736
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
47028
cf-resized
internal=ok/h q=0 n=15+262 c=0+0 v=2024.9.3 l=47028 f=false
last-modified
Tue, 21 Jun 2022 03:29:35 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfxmw0UXD8u9Zt2kjnSeGwHscvvj3ztppEIUSxfBRdDQ:2623da4d4ae513643c3ccb8acec1da21"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c2c67fd39cb36c3-YYZ
logo.svg
js.gleam.io/images/
731 B
590 B
Image
General
Full URL
https://js.gleam.io/images/logo.svg
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 11 Sep 2024 06:39:44 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
6861
etag
W/"66e13b30-2db"
vary
Accept-Encoding
content-type
image/svg+xml
g-host
meepo34
cf-ray
8c2c67fc58ad36c3-YYZ
alt-svc
h3=":443"; ma=86400
in.js
platform.linkedin.com/
510 KB
160 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:6::17df:d10c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
server
Play
x-li-pop
prod-lva1-x
x-cdn
AKAM
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-lva1
cache-control
public, max-age=3600
x-li-proto
http/1.1
content-length
163630
x-li-uuid
AAYiCapk2CMSRKX0mgWRaw==
expires
Sat, 14 Sep 2024 01:46:09 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:32 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8c2c68043bf5a23a-YYZ
pro.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/
1 MB
180 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
age
5129559
etag
"6695a0b7-2cce4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680038de39e4-YYZ
content-length
183524
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/
50 KB
7 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
server
cloudflare
age
5129559
etag
"6695a0b8-1c1c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680038e139e4-YYZ
content-length
7196
custom-icons.css
ka-p.fontawesome.com/assets/b36c7d9009/131276305/
12 KB
8 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/assets/b36c7d9009/131276305/custom-icons.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55638b4aeb9090a1f15479188e20ca64d8382a0dad3c130e544d6dc07ee36a40

Request headers

Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 14:35:00 GMT
server
cloudflare
age
2715488
etag
W/"169649f8d41abcad1071efc2280eaf39"
x-cache-status
MISS
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8c2c680038e039e4-YYZ
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17b3ca2d5aa04987892c02a4468b26cf4fa31b0aad5317e402833bfa5830ea66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Sep 2024 00:54:32 GMT
content-md5
BwCEM6OJ+fPCbZkNMHF8Xg==
document-policy
force-load-at-top
x-fb-server-load
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=5687, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug
LfBMc4/21c/n0oHX+kpWN/WqZx/xIw5TuqAyzNBYdXasRVxVqno4HQDuZ749oXef/P2fX8P0RPWxjSbuVK0WWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
19998aa2cfcc943b153bdd2631195d33
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"83bf60b3f70ea0a2ca8dbc9ad90a695c"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 14 Sep 2024 01:08:22 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 06:39:25 GMT
x-content-type-options
nosniff
age
238507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Sep 2025 06:39:25 GMT
main.js
gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame 6039
Redirect Chain
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H3
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fb35bd91c5365af5bcff8662c454a61f88a36066fb615d0f2acfba397a2d3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c2c680baf1836c3-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 14 Sep 2024 00:54:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c2c6804e87036c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
15 KB
15 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-12.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
server
cloudflare
age
5129547
etag
"6695a63f-3d88"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6dec3a05-YYZ
content-length
15752
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 06:47:40 GMT
x-content-type-options
nosniff
age
65213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Sep 2025 06:47:40 GMT
pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
14 KB
14 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecdb8e5d122f3c7d50eb502ef2eeab04d673bfbb9606325d1acb5a9ecf3ea5b7

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
server
cloudflare
age
5129547
etag
"6695a63f-36d0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6ddc3a05-YYZ
content-length
14032
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
12 KB
12 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
server
cloudflare
age
5129547
etag
"6695a63f-2ed4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6de03a05-YYZ
content-length
11988
pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
14 KB
14 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-regular-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70159909cf9a1df78dadf35e0bea44c9b8ab4bfa5b675ccdc28acfc5333151fc

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:10 GMT
server
cloudflare
age
5129547
etag
"6695a63a-38f4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6de23a05-YYZ
content-length
14580
checkbox.png
gleam.io/images/
368 B
705 B
Image
General
Full URL
https://gleam.io/images/checkbox.png
Requested by
Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://widget.gleamjs.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
526781
cf-polished
origFmt=png, origSize=655
content-disposition
inline; filename="checkbox.webp"
g-host
meepo30
alt-svc
h3=":443"; ma=86400
content-length
368
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2024 09:50:38 GMT
server
cloudflare
etag
"66dc21ee-28f"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8c2c68099cb636c3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
252 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59409273a95b0ed40a1eda700086785430dae3d0f0efee99bffd67b8877d6007

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
appstore@2X.png
gleam.io/images/
4 KB
4 KB
Image
General
Full URL
https://gleam.io/images/appstore@2X.png
Requested by
Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5c5602da511c2af0ab51a93ba567f12fa2c394d747963ee2cc12179ee8e90e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://widget.gleamjs.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
526640
cf-polished
origFmt=png, origSize=5074
content-disposition
inline; filename="appstore@2X.webp"
g-host
meepo30
alt-svc
h3=":443"; ma=86400
content-length
3798
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2024 09:50:38 GMT
server
cloudflare
etag
"66dc21ee-13d2"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8c2c6809acc336c3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
google-play-badge.png
gleam.io/images/
4 KB
4 KB
Image
General
Full URL
https://gleam.io/images/google-play-badge.png
Requested by
Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-c34b0dfde6bfd4b25c9e40ef181e14eee5babdb1861c7ba01ff2b9bfe1bf4c41.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83a0f52661a8bb389d3f2546210d24750eb0d31edd25463726f571e3815ece2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://widget.gleamjs.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
526640
cf-polished
origFmt=png, origSize=4959
content-disposition
inline; filename="google-play-badge.webp"
g-host
meepo36
alt-svc
h3=":443"; ma=86400
content-length
4212
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2024 09:50:38 GMT
server
cloudflare
etag
"66dc21ee-135f"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8c2c6809acc436c3-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
pro-fa-light-300-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
15 KB
15 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-light-300-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68485c1de649ab07654b44910ab22b746dab5f400810d107d7995e56d4d88fbf

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:09 GMT
server
cloudflare
age
627321
etag
"6695a639-3c48"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6de43a05-YYZ
content-length
15432
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
37 KB
37 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:07 GMT
server
cloudflare
age
5129547
etag
"6695a637-9204"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6de63a05-YYZ
content-length
37380
pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
40 KB
40 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:07 GMT
server
cloudflare
age
5129547
etag
"6695a637-9e3c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6de83a05-YYZ
content-length
40508
pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
17 KB
17 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-regular-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab1bc600262d1105f7c72c4698f963f18a63559af0ce449e1098a5c2e370f4d

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:10 GMT
server
cloudflare
age
5129546
etag
"6695a63a-422c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6de93a05-YYZ
content-length
16940
pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/
13 KB
13 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-14.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57143177f2457af31b1cf55d603b44803355258a54bf573d94e7ed452f7a8786

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 22:44:15 GMT
server
cloudflare
age
5129547
etag
"6695a63f-353c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8c2c680b6deb3a05-YYZ
content-length
13628
pubgm--pubg-mobile-bloodmoon-giveaway-1080-x-1080.jpg
images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/1995908/SaImVDPOxNhLb7Lb/
174 KB
175 KB
Image
General
Full URL
https://images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/1995908/SaImVDPOxNhLb7Lb/pubgm--pubg-mobile-bloodmoon-giveaway-1080-x-1080.jpg
Requested by
Host: gleam.io
URL: https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:16eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb3a7a488b2ee0ee5063e8fe6e4242f03b865c628a523cffc96f97849ca3080
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:33 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
178633
cf-resized
internal=ok/r q=0 n=83+187 c=0+0 v=2024.9.1 l=178633 f=false
last-modified
Mon, 09 Sep 2024 22:09:29 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfwcX_BCebiy0BJeUC4jAex4z3iHlin5-dsK3_kpnHDQ:9d7fa2ee4c5105a9c05f16fe5d87add6"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8c2c680b4e6936c3-YYZ
all.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=0dc35adf6ab95fdc33efcee67ebb8b7f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ac9504e7a9f3300714cea47070eafe6cd2d744cf14080d545fd5eccde8e12ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gleam.io/
Origin
https://gleam.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Sep 2024 00:54:33 GMT
content-md5
LoiEISyBID3AieE0T4Xpyw==
document-policy
force-load-at-top
x-fb-server-load
23
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87222
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=100, rtx=0, c=23, mss=1232, tbw=5684, tp=10, tpl=0, uplat=1, ullat=-1
x-fb-debug
TCRk1ITvGGKOzDrBSBOegBU+cS6qVB0BaMhTLQ5i+burV9qN8P12aD06zmV3lxkY3wr21g62RBk3zSrn2rc4gw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4357a753eeba589ff8a69d677a6b50af
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"729bcd76a5461e35a16a3f8baf50ae00"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 13 Sep 2025 23:56:23 GMT
8c2c67faaf4436c3
gleam.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6039
0
675 B
XHR
General
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/b/jsd/r/8c2c67faaf4436c3
Requested by
Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 14 Sep 2024 00:54:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
8c2c680ffb0a36c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2FLf0W1%2Fpubg-mobile-bloodmoon-giveaway%3Fgsr%3DLf0W1-DDOAKzWBXT&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0dc35adf6ab95fdc33efcee67ebb8b7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sat, 14 Sep 2024 00:54:34 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414295846110962949", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2769, tp=-1, tpl=-1, uplat=46, ullat=0
pragma
no-cache
x-fb-debug
av2wPbWzVNRrwPNF112otlUxJV3bSHCQBvrGp4RwXwNwVPbdoTB/CUGU3oia5OIRB2tPpxFx1zn3OFixu8vPuA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414295846110962949"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gleam.io
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
like.php
www.facebook.com/plugins/ Frame 6EFC
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb52834b647ea7453%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ffe98140deb19c5286%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FPUBGMOBILE&locale=en_US&sdk=joey&show_faces=false&width=360
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0dc35adf6ab95fdc33efcee67ebb8b7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gleam.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Sep 2024 00:54:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414295846204187083"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414295846204187083", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1392, tbw=20802, tp=-1, tpl=-1, uplat=73, ullat=0
x-fb-debug
eDbTEskCn0Met2062gIH5xDJNDvHBjJYbSBBhIdW2WJhNyeyTdAf1hOui5/9cAxh3SZUDlceYScxRGeOwfQe/A==
x-fb-server-load
40
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame F39F
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4e1d6708ae322fc6%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ffe98140deb19c5286%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPUBGMOBILE&locale=en_US&sdk=joey&show_faces=false&width=360
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0dc35adf6ab95fdc33efcee67ebb8b7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gleam.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Sep 2024 00:54:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414295846539004891"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414295846539004891", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1392, tbw=2782, tp=-1, tpl=-1, uplat=71, ullat=0
x-fb-debug
gsc99pt5btmZNu9hIEsT4vwTyqJzhZa079M4byDhQ0zbIBVhCwcFfxZl2O6sZpWD4DkXpx/eX/ILstwNO19wfw==
x-fb-server-load
24
x-xss-protection
0
rum
gleam.io/cdn-cgi/
0
136 B
XHR
General
Full URL
https://gleam.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gleam.io/Lf0W1/pubg-mobile-bloodmoon-giveaway?gsr=Lf0W1-DDOAKzWBXT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 14 Sep 2024 00:54:34 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://gleam.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8c2c68118c5a36c3-YYZ
favicon.svg
js.gleam.io/
440 B
445 B
Other
General
Full URL
https://js.gleam.io/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda06989c001f8645052af2f8be047113cf7dfdce1673c1f1f0f3a49d2b30000
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 11 Sep 2024 06:39:44 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
1314
etag
W/"66e13b30-1b8"
vary
Accept-Encoding
content-type
image/svg+xml
g-host
meepo30
cf-ray
8c2c68118c5b36c3-YYZ
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| fallbackToHostedFontAwesome string| campaignKeyOverride object| timeZoneMap string| actionMarketingAppName function| escapeStringRegexp function| tagToHashtagRegExp function| Cookies function| _getGSAP function| CSSPlugin object| cssCore function| _removeLinkedListItem function| _removeProperty function| PropTween function| _getAllStyles function| ClassNamePlugin object| LocalStorage string| TALKER_TYPE string| TALKER_ERR_TIMEOUT function| objectCreate function| defer function| Talker function| jqueryLikeOn function| withParam function| addExpid function| $ function| jQuery function| jsmd5 object| fraudService function| ClipboardJS function| elementResizeDetectorMaker object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| simulateEvent function| trackEvent function| trackPageview function| moment object| angular object| Gleam object| ifvisible object| linkify string| pageType string| pageViewOverride object| messageBundle string| facebookAppId object| __core-js_shared__ object| Sslac object| IN function| parseLinkedIn object| conversionTracking object| FingerprintJS function| gleamFraudCalculator object| __cfBeacon function| fbAsyncInit function| fbLazyInitPost object| FB object| __buffer

10 Cookies

Domain/Path Name / Value
gleam.io/ Name: PP-Lf0W1
Value: *
gleam.io/ Name: owner_token
Value: 2FnQPm72aX2ojKZ54ZKz3Q
gleam.io/ Name: SH-Lf0W1
Value: DDOAKzWBXT
.gleam.io/ Name: __cf_bm
Value: 4B6mCTeMxahEI1AZ8BufUDCE952s35yYImb3X1aNrFU-1726275270-1.0.1.1-.vmb3xviI5c6iCFcMduQ1vGNHOsnfOqB8z0VapdMdifs7K3qiyzP536WYwzqlCwqJJmpXfCRCLxMjKeKPbdU3g
gleam.io/ Name: RL-Lf0W1
Value: https%3A%2F%2Fgleam.io%2FLf0W1%2Fpubg-mobile-bloodmoon-giveaway
gleam.io/ Name: _gfpc
Value: t
gleam.io/ Name: XSRF-TOKEN
Value: 0mWt3qDG-ud-mCR41y7mwmNIRRvctrpeCQviKECpTTi6R7OCVTfAjjQFS0Qp8E0Ts1_gwBm3-YO5GSbr0oNC3A
gleam.io/ Name: _app_session
Value: Z5khiI3DRMr9H9j8%2FG76dIwtpxVl6BYczdWcPR%2Bjt5sf83ufQei42BdE4c4bt9XFEGs6KFxjTD3pfzO2FhdxYZJpExyhBXEizkw2vprdGZy4LUfHplOXU9wjZUu1XTSdC6hvEI9AUD6OJCT4R7fZHlxDywiVp7hxFpdJ7%2B2UqHewthkiOYPknLI3pQygAWZoWrkepagWKWMHM5aTrYc8WGQ1aVDsX0cVECWlnB0OqzbEidOP6RIMNm8ok1ft2QtTdzxXzlVqvVArH92nJNjPUkhJPhtBCayDFdL%2FcsWm%2F5N3Kj63ajNyl8RO--NM%2BoLlSOkaQTDF8r--cDY3n5dHxuspZfgR0am40g%3D%3D
gleam.io/ Name: fpr
Value: ad34d21b9362404e61c4967a7da326d5.22936d902297dbf1f2ab3e9557f9097e
.gleam.io/ Name: cf_clearance
Value: L8oDzPzjYx3ToaQ91vcNeQ1zQGWYehiXawyU_ngBMFU-1726275274-1.2.1.1-Or4mOFrb2r4HD_gsDHBW63hj20J4O9Ct3ZmexGpuF6q.4UqhBlrUEzbj9fVCVw8zauLzG.qQJNQVB6c9DczwxIYNwEuatrPyEpnhANqMalsdyzscmFq5iJi5Iy5UJleDJLAVtoje5CIWLD0Oh4XvmU_w0RtI4QniuLjtnCi3Lh2zlXTxUC_ruLvtYF1DYrXedv6ftyAGuZ_Gl7XYPZrPLNwZkOMmaoHBhJU5Tyy7oNDdTZf_9ETB8Zmn14hh3g5aArlgSgvSiJFqm3t5K3TnCnTgLM0Xhsah.pUbOPyduiIwDGIAK5pc2zolqy8UBaewPhO.BWWCDQL6Pj4Iv4zC6O_MpUIErev8JXJA8n.xvK_kIDXZR5KlFh_ImvMg4kHc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fraudjs.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gleam.io
images.gleamio.com
js.gleam.io
ka-p.fontawesome.com
kit.fontawesome.com
platform.linkedin.com
static.cloudflareinsights.com
widget.gleamjs.io
wn.nr
www.facebook.com
104.18.21.100
104.18.31.181
172.66.40.77
2600:141b:1c00:6::17df:d10c
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700::6810:5049
2606:4700::6812:16eb
2607:f8b0:4006:80d::2003
2607:f8b0:4006:81e::200a
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
34.232.150.28
046099e2db6768d631db9ebef20d173006c64360fb1ef25e4135d5c0303c0736
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
17b3ca2d5aa04987892c02a4468b26cf4fa31b0aad5317e402833bfa5830ea66
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
2ac9504e7a9f3300714cea47070eafe6cd2d744cf14080d545fd5eccde8e12ab
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41704d8589e4826363b6316d6a5e5d6da5f3fdee55723188a25be0524b9399dc
469396b425e41f947ec2419ea0a49091c6275add55093ab102b2b8a8cf885fc9
55638b4aeb9090a1f15479188e20ca64d8382a0dad3c130e544d6dc07ee36a40
57143177f2457af31b1cf55d603b44803355258a54bf573d94e7ed452f7a8786
59409273a95b0ed40a1eda700086785430dae3d0f0efee99bffd67b8877d6007
5bb3a7a488b2ee0ee5063e8fe6e4242f03b865c628a523cffc96f97849ca3080
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
64ea9410e29cd3e06a611647bb03864e8da46ff42e18f7baca5da7fee2705e91
67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486
68485c1de649ab07654b44910ab22b746dab5f400810d107d7995e56d4d88fbf
70159909cf9a1df78dadf35e0bea44c9b8ab4bfa5b675ccdc28acfc5333151fc
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5
7b6b3f692defbeb21372912758663407687ae822e002a26ca74440054c72e036
87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9a5c5602da511c2af0ab51a93ba567f12fa2c394d747963ee2cc12179ee8e90e
aab1bc600262d1105f7c72c4698f963f18a63559af0ce449e1098a5c2e370f4d
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
ba2a9de5e0c6e3c46f149bf072c6a2f9f0460737aa5fe0ecfc47fb33b018bea5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c4fb35bd91c5365af5bcff8662c454a61f88a36066fb615d0f2acfba397a2d3c
c9a3134d70475a5e6c07b5922ce2b181b767ca74b032e5a28bede11d8aff7ed4
dfe99abfe1be9c1d37044d0bf70b5462fc26b0f0353c1d8db6976fcdd1978300
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdb8e5d122f3c7d50eb502ef2eeab04d673bfbb9606325d1acb5a9ecf3ea5b7
f83a0f52661a8bb389d3f2546210d24750eb0d31edd25463726f571e3815ece2
fda06989c001f8645052af2f8be047113cf7dfdce1673c1f1f0f3a49d2b30000