Submitted URL: https://sweepsdb.com/go/4725529
Effective URL: https://gleam.io/1h57G/winter-with-ravenswatch
Submission: On December 10 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 6 HTTP transactions. The main IP is 172.66.43.179, located in the United States and belonging to CLOUDFLARENET, US. The main domain is gleam.io. The Cisco Umbrella rank of the primary domain is 55413.
TLS certificate: Issued by GTS CA 1P5 on November 21st 2023. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.225.221.199 29802 (HVC-AS)
2 6 172.66.43.179 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
Requests | Apex Domain | Subdomains | Transfer
6 | gleam.io | gleam.io (Cisco Umbrella Rank: 55413) | 45 KB
1 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 864) | 7 KB
1 | swps.me | swps.me | 476 B
1 | sweepsdb.com | sweepsdb.com | 535 B

Requests | Domain | Requested by
6 | gleam.io | 2 redirects, swps.me, static.cloudflareinsights.com, gleam.io
1 | static.cloudflareinsights.com | gleam.io
1 | swps.me |
1 | sweepsdb.com | 1 redirect

This site contains no links.

Subject | Issuer | Validity | Valid
www.swps.me | R3 | 2023-11-05 - 2024-02-03 | 3 months
gleam.io | GTS CA 1P5 | 2023-11-21 - 2024-02-19 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year

This page contains 2 frames:

Primary Page: https://gleam.io/1h57G/winter-with-ravenswatch
Frame ID: D61FA84F1B23E32A34A38F1E190FB084
Requests: 7 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: C52FB8B53F33A6CCE4B8DB75245A6309
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Access Denied


Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 33 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 78 kB
Size: 118 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sweepsdb.com/go/4725529 HTTP 302
    https://swps.me/ld810 Page URL
  2. https://gleam.io/1h57G/SweepsDB HTTP 301
    https://gleam.io/1h57G/winter-with-ravenswatch Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://sweepsdb.com/go/4725529 HTTP 302
  • https://swps.me/ld810
Request Chain 5
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

6 HTTP transactions

Resource: ld810
Path: swps.me/
Redirect Chain:
  • https://sweepsdb.com/go/4725529
  • https://swps.me/ld810
Size: 210 B | x-fer: 476 B | Type: Document

General
Full URL: https://swps.me/ld810
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.225.221.199 Dallas, United States, ASN29802 (HVC-AS, US)
Reverse DNS: svr.checkrepost.com
Software: CentOS WebPanel: Protected by Mod Security / PHP/7.2.10
Resource Hash: 0c52cc607521a4d4d17cebbd5e05145fcd02cf954c0b22b17f5d61b112b6d238

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 167
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Dec 2023 19:46:03 GMT
Keep-Alive: timeout=5, max=100
Server: CentOS WebPanel: Protected by Mod Security
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.2.10

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Dec 2023 19:46:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://swps.me/ld810
Pragma: no-cache
Referer: https://sweepsdb.com/c/4725529
Server: CentOS WebPanel: Protected by Mod Security
Transfer-Encoding: chunked
Vary: User-Agent
X-Robots-Tag: noindex, noarchive
Primary Request
Resource: winter-with-ravenswatch
Path: gleam.io/1h57G/
Redirect Chain:
  • https://gleam.io/1h57G/SweepsDB
  • https://gleam.io/1h57G/winter-with-ravenswatch
Size: 57 KB | x-fer: 39 KB | Type: Document

General
Full URL: https://gleam.io/1h57G/winter-with-ravenswatch
Requested by: Host: swps.me, URL: https://swps.me/ld810
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 172.66.43.179, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 7bd38ba06402dc4b3dab59067d23e929392a0858e99ed181f03975e5c03348df
Security Headers:
  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
  X-Content-Type-Options: nosniff

Request headers

Referer: https://swps.me/ld810
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=15
cf-ray: 8337fdebae2b2c1c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 19:46:04 GMT
expires: Sun, 10 Dec 2023 19:46:19 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: BYPASS
cf-ray: 8337fde73f662c1c-FRA
content-security-policy: object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=5sQkdKO2u6gPddCQFDIuTH3klYxuxM.B.NBsXyoTjzY-1702237564-0-AXsUuS_xXFO6Lk21-LaXHEFDistWaURnq7zaer7HiNQuig5iPWBMWdCaFunMyvH-B7n1crQuvPfgOp3NyMo-kmlHc30f3TLV4WNUweTOJrAYZzuBWy_CaXgtCVvwKo8IUpPSmX34SzoD2jB0f64jQVQ; report-to cf-csp-endpoint
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 19:46:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
g-host: meepo20
location: https://gleam.io/1h57G/winter-with-ravenswatch
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=5sQkdKO2u6gPddCQFDIuTH3klYxuxM.B.NBsXyoTjzY-1702237564-0-AXsUuS_xXFO6Lk21-LaXHEFDistWaURnq7zaer7HiNQuig5iPWBMWdCaFunMyvH-B7n1crQuvPfgOp3NyMo-kmlHc30f3TLV4WNUweTOJrAYZzuBWy_CaXgtCVvwKo8IUpPSmX34SzoD2jB0f64jQVQ"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 8860e3ba-f613-40fc-a462-b897a2f03ded
x-robots-tag: noindex, nofollow
x-runtime: 0.017125
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
Resource: v84a3a4012de94ce1a686ba8c167c359c1696973893317
Path: static.cloudflareinsights.com/beacon.min.js/
Size: 20 KB | x-fer: 7 KB | Type: Script

General
Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: gleam.io, URL: https://gleam.io/1h57G/winter-with-ravenswatch
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6810:3965, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer:
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:46:04 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8337fdec2c1e6ae0-FRA
Resource: truncated (data URI)
Path: /
Size: 6 KB | x-fer: 0 | Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS:
Software:
Resource Hash: a7ee3f7a5d07ff9d0a12bde19c3584acdc2943d6525235022f504caa19d3d83a

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml
Resource: truncated (data URI)
Path: /
Size: 14 KB | x-fer: 14 KB | Type: Font

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS:
Software:
Resource Hash: 7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Request headers

Referer:
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: font/woff2
Resource: truncated (data URI)
Path: /
Size: 14 KB | x-fer: 14 KB | Type: Font

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS:
Software:
Resource Hash: d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Request headers

Referer:
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: font/woff2
Resource: main.js
Path: gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ (Frame C52F)
Redirect Chain:
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Size: 7 KB | x-fer: 3 KB | Type: Script

General
Full URL: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Protocol: H3
Server: 172.66.43.179, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: f13cc2fe63703624bd65961a521c201fd744f31bba7679baa9cc60361b18b231
Security Headers:
  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
  X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:46:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8337fdeccb2e90da-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 10 Dec 2023 19:46:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
cf-ray: 8337fdec7aca90da-FRA
alt-svc: h3=":443"; ma=86400
Resource: rum
Path: gleam.io/cdn-cgi/
Size: 0 | x-fer: 172 B | Type: XHR

General
Full URL: https://gleam.io/cdn-cgi/rum?
Requested by: Host: static.cloudflareinsights.com, URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.66.43.179, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers:
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY

Request headers

Referer: https://gleam.io/1h57G/winter-with-ravenswatch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Sun, 10 Dec 2023 19:46:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gleam.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8337fdec7ad790da-FRA
Resource: 8337fdebae2b2c1c
Path: gleam.io/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame C52F)
Size: 0 | x-fer: 303 B | Type: XHR

General
Full URL: https://gleam.io/cdn-cgi/challenge-platform/h/b/jsd/r/8337fdebae2b2c1c
Requested by: Host: gleam.io, URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.66.43.179, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers:
  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
  X-Content-Type-Options: nosniff

Request headers

Referer:
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Dec 2023 19:46:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8337fded6bdf90da-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • object: documentPictureInPicture
  • string: campaignId
  • object: __cfBeacon

9 Cookies

Domain/Path | Name | Value
sweepsdb.com/ | PHPSESSID | c51bdc6a7098490720862b2885069b03
gleam.io/ | PP-1h57G | *
gleam.io/ | owner_token | 1cPUKAU-CaiZX6aFohb9Sg
gleam.io/ | RL-1h57G | https%3A%2F%2Fgleam.io%2F1h57G%2FSweepsDB
gleam.io/ | _gfpc | t
gleam.io/ | XSRF-TOKEN | gv67BVURT5b9WfMbtdYSaZAzk21n0iXBFWxtvHLEeCnwD6QQcFRhHHr8wK7TuZVyo0Lth1U1GN8iA9Hq03wsVw
gleam.io/ | _app_session | GvNVxJgNAiUM9WQpy6qc7NePBvs2fYA%2BTuezQMJQWXl77Jx6V6DbwgSOwj9wYjJsR4%2FCEPPxUcmI4Rqh%2BDLwU5oJhtKxOQAeM4WKw6iLR5YkhleMFr1tP420OzyL2dByyK6gBiqdyoaD75GtyPMzkJqqxWPDf3g6sOAGuNE4j57BnCs83iwnCa2Ni3mb5ooS2CiEi%2BhtoYOgG2yN6KCXsvo8Jqt0uBu%2FNFZaJbmtZ0MesKp7KOXAKUAbUWy%2FXGSdGRIUtCObJG%2FDV79XTlmWZoN0Htm5jHFWts83hBSyNhLx3pvyeDjmTC58--xCku9GRfR7ggYyf6--wVG4WwsbgFMMcLLZ5Mn2bw%3D%3D
.gleam.io/ | __cf_bm | lZvnezrWcQq7gJNHF1Bg6TA7HEf.Y8Q38Xzm2VundzY-1702237564-1-AWrGg0tlTUSBrt81tzEU+kAvz2XfXtlLYlCT33ftTIwxDfObSphsqHBBc1iyJVBS10vmAEahp23JKg0G7Maru1I=
.gleam.io/ | cf_clearance | 4Qv3ttwla2boEzeK4p8BCgTa12uiUHF7W_GvhNDGkUI-1702237565-0-1-8d2cb63c.34ec9f3a.e4787625-0.2.1702237565

1 Console Messages

Source | Level | URL | Text
network | error | https://gleam.io/1h57G/winter-with-ravenswatch | Failed to load resource: the server responded with a status of 403 ()