www.vloot.io Open in urlscan Pro
2606:4700:20::681a:a36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wn.nr/JXd5Dq
Effective URL:
https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
Submission: On May 17 via manual (May 17th 2022, 6:22:43 pm UTC) from DZ — Scanned from DE

Summary HTTP 99 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 99 HTTP transactions. The main IP is 2606:4700:20::681a:a36, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vloot.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.

This is the only time www.vloot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.169.134.166 35.169.134.166	14618 (AMAZON-AES) (AMAZON-AES)
1 3	172.66.43.179 172.66.43.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::681a:a36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.150.233 172.64.150.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	104.18.30.181 104.18.30.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
7	172.66.40.77 172.66.40.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.21.100 104.18.21.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c25a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.9.67 104.18.9.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:67c:4e8:... 2001:67c:4e8:1033:2:100:0:a	62041 (TELEGRAM) (TELEGRAM)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
11	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
99	30

1 35.169.134.166 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-134-166.compute-1.amazonaws.com

wn.nr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.66.43.179 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:a36 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vloot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.233 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cloudflare.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.30.181 (None, )

ASN13335 (CLOUDFLARENET, US)

widget.gleamjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.66.40.77 (United States)

ASN13335 (CLOUDFLARENET, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.21.100 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fraudjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c25a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.9.67 (None, )

ASN13335 (CLOUDFLARENET, US)

user-assets.out.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:1033:2:100:0:a (Bergen, Norway)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	vloot.io www.vloot.io	2 MB
11	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	4 KB
11	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1636 ka-f.fontawesome.com — Cisco Umbrella Rank: 2955 pro.fontawesome.com — Cisco Umbrella Rank: 5088	763 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	201 KB
10	gleam.io 1 redirects gleam.io — Cisco Umbrella Rank: 55621 js.gleam.io — Cisco Umbrella Rank: 69841	57 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	569 KB
6	google.com www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 74	25 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1158	83 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 664 syndication.twitter.com — Cisco Umbrella Rank: 954	133 KB
3	gleamjs.io widget.gleamjs.io — Cisco Umbrella Rank: 114058	364 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	5 KB
2	steamstatic.com cdn.cloudflare.steamstatic.com — Cisco Umbrella Rank: 10323	32 MB
1	telegram.org telegram.org — Cisco Umbrella Rank: 10051	6 KB
1	out.sh user-assets.out.sh — Cisco Umbrella Rank: 160151	192 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3633	159 KB
1	fraudjs.io cdn.fraudjs.io — Cisco Umbrella Rank: 233997	13 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	642 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	39 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	9 KB
1	wn.nr 1 redirects wn.nr — Cisco Umbrella Rank: 335634	414 B
99	24

	Domain	Requested by
13	www.vloot.io	www.vloot.io
11	www.facebook.com	connect.facebook.net
7	pagead2.googlesyndication.com	www.vloot.io pagead2.googlesyndication.com tpc.googlesyndication.com
6	gleam.io	1 redirects widget.gleamjs.io gleam.io
5	pro.fontawesome.com	gleam.io pro.fontawesome.com
5	www.gstatic.com	www.google.com
5	ka-f.fontawesome.com	kit.fontawesome.com
5	www.google.com	www.vloot.io www.gstatic.com www.google.com tpc.googlesyndication.com
4	js.gleam.io	www.vloot.io widget.gleamjs.io gleam.io
4	fonts.googleapis.com	www.vloot.io gleam.io
3	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	onesignal.com	cdn.onesignal.com
3	widget.gleamjs.io	js.gleam.io gleam.io
2	platform.twitter.com	gleam.io platform.twitter.com
2	connect.facebook.net	gleam.io connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.onesignal.com	www.vloot.io cdn.onesignal.com
2	cdn.cloudflare.steamstatic.com	www.vloot.io
1	syndication.twitter.com	platform.twitter.com
1	telegram.org	gleam.io
1	user-assets.out.sh	gleam.io
1	platform.linkedin.com	gleam.io
1	cdn.fraudjs.io	gleam.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.vloot.io
1	kit.fontawesome.com	www.vloot.io
1	cdnjs.cloudflare.com	www.vloot.io
1	wn.nr	1 redirects
99	32

This site contains links to these domains. Also see Links.

Domain
twitter.com
earn.vloot.io
blog.vloot.io
steamcommunity.com
discord.gg
www.facebook.com
www.instagram.com
www.reddit.com
www.trustpilot.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gleam.io Sectigo RSA Domain Validation Secure Server CA	`2022-02-20` - `2023-03-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
widget.gleamjs.io Sectigo RSA Domain Validation Secure Server CA	`2021-09-07` - `2022-10-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
cdn.fraudjs.io Sectigo RSA Domain Validation Secure Server CA	`2021-09-07` - `2022-10-08`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2020-07-03` - `2022-07-08`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.out.sh Sectigo RSA Domain Validation Secure Server CA	`2022-02-15` - `2023-03-18`	a year	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
Frame ID: 1BA8D14C7CBEEEF8DAC1BC27FD508899
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Frame ID: A5F571E5B3BCB5C37B2D6092FD7D228B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1479231709898856&output=html&adk=1812271804&adf=3025194257&lmt=1652811754&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652811754821&bpp=3&bdt=1822&idt=154&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5602105393686&frm=20&pv=2&ga_vid=94692353.1652811755&ga_sid=1652811755&ga_hid=2092293952&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067416%2C31064018%2C31067526&oid=2&pvsid=2822649964723102&pem=424&tmod=95098443&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: 9B29B17A2A95444FF7A46AF0730634E9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3&co=aHR0cHM6Ly93d3cudmxvb3QuaW86NDQz&hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=rxsr807ihsch
Frame ID: 0A610BFE69D79DD3F91C051C271A23F3
Requests: 4 HTTP requests in this frame

Frame: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Frame ID: 35BA05E237283A2CDF7896364863A17A
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8A9691BA5B1D5F87A25A8FC29235717
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C13B5D1FDB172883D9E1AF1A4668D2C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3
Frame ID: E63D7AEC905A7FA885EB53A822C34F06
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22024481763b84%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: AA8FE62050DE3BBB26A6E693E27555E0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27a65093c266cc%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 2B3D185A4A00B3180EEFD4287A89F69D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3243b9090ba91%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 9A1A238D54AD602A1BCC045C93338586
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1656e9daac9608%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 443707FCAEEE07AC48D0ABCC981793A7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31cf5039b6435c%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 3670410FBEE106DBF55E4A7E0A7B2AD4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ddbf436ddced4%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: AEDB5738E680D7C0D00FEBE10B8DE211
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14441f46ed49c%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: B29B23EF70D7EB54F555FA691F4F0486
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbeaa70da5b664%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 0DF6AAD4E2A4A262E492D398F7BFD44F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df237914425906a%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 1013967938C478791BF7CEE165CBBE8A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2183332f6acd4%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: CD6B444D07EB98C8B27CD70530DFA098
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fgleam.io
Frame ID: F7046712B793FD484C58859D4FE8676A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Games Giveaway - 10x Elden Ring Steam Key Giveaway! - vLoot

Page URL History Show full URLs

https://wn.nr/JXd5Dq HTTP 301
https://gleam.io/0wqBx-iWq5BrWUVi?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden... HTTP 301
https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

99
Requests

100 %
HTTPS

70 %
IPv6

24
Domains

32
Subdomains

30
IPs

4
Countries

37285 kB
Transfer

41459 kB
Size

16
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/vloot_io
Title: @vLoot_io

Search URL Search Domain Scan URL

URL: https://earn.vloot.io/?utm_source=vLoot&utm_medium=cpc&utm_campaign=internal_navbar&utm_content=header_button
Title: Free Giftcards

Search URL Search Domain Scan URL

URL: https://blog.vloot.io/
Title: Blog

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/groups/vloot

Search URL Search Domain Scan URL

URL: https://discord.gg/DjfmQnt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vLoot.io

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vloot.io

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/vLoot_io

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/vloot.io

Search URL Search Domain Scan URL

URL: https://earn.vloot.io/?utm_source=vLoot&utm_medium=cpc&utm_campaign=internal_cta&utm_content=cta_right

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wn.nr/JXd5Dq HTTP 301
https://gleam.io/0wqBx-iWq5BrWUVi?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway HTTP 301
https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

99 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 10x-elden-ring-steam-key-giveaway Show response
www.vloot.io/campaign/0wqBx/
Redirect Chain

https://wn.nr/JXd5Dq
https://gleam.io/0wqBx-iWq5BrWUVi?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway
https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

16 KB
6 KB

692ms
588ms

Document
text/html

2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e06bdde97b2471f301962320b56eae8cf339f61271725b4d5190fba7672263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 70ce61128b9c8fd4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 17 May 2022 18:22:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybD6W%2FtfJdQ3%2BLy02hOwNbjJSsGVcz7uf73Q6O4nkN%2FlBOg1dk4liq0qofdpohBuGwu%2Fef8Jgcjg8XI%2FUG%2F0PWYI1ZwaHohg0%2BHJInFBUCRSbD2%2FcmHZTrFWe%2FHhWxw%2Bh6JNIIfx4dQP4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: BYPASS
cf-ray: 70ce610fcbaf9066-FRA
content-security-policy: frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 18:22:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
g-host: meepo18
location: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 413bf197-fea4-4f37-83e3-3df77fb581ba
x-robots-tag: googlebot: nofollow noindex
x-runtime: 0.025088
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 app.css
www.vloot.io/css/ 212 KB
33 KB 1250ms
1249ms Stylesheet
text/css 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vloot.io/css/app.css?v=1652811753

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3398d55b997378387dbbf0bc34d536fda87d3c77072e608597b53dbea77220c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 13:14:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"614c7daa-34f66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8g1QMoahd3OKsW2bmMJW0WOkh1ftssDV%2Fp85HRTkWHHqCfEfRE708mulDDM5MlDNvPE0L0jNMNn0Z2UHRjvkvQ8OsUQ1Kx%2FmDzfzDomprZsBNEkx9GS6QZZ%2FkOhoyz%2Be1tz2lYl7ST7rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 70ce61166c988fd4-FRA

GET
H2 200 whitelogo.png
www.vloot.io/media/img/logos/ 13 KB
14 KB 69ms
69ms Image
image/png 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/media/img/logos/whitelogo.png

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebba1d297e8a15f1ded58251d16810ce002fd745f2cdabe8bff5b8ddc4078db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2460
cf-polished: origSize=21001
content-length: 13519
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Dec 2020 01:54:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fe697ee-5209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2gQt0fkQHj9E4Cr4DyB0D5LnQFDRB8w6TiYIHWPTbUTuTGzvYvyDPIFmUJZV0NjlErmnLxTtD%2BT5gC22lqU7IVBWqIHKksjkDpLG6GjsDJUCVFTkd3P%2FlSHgRacjLiFn8KXf4c%2B7JkAWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61166c9c8fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 d3fa8273b128f2f37f84358acece8d48.jpg
www.vloot.io/storage/uploads/banners/ 23 KB
24 KB 66ms
65ms Image
image/jpeg 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/storage/uploads/banners/d3fa8273b128f2f37f84358acece8d48.jpg

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300fc6d28394cf9a3c82af2fbcf04d24677532b310b8211b03a20a026ee18040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2459
cf-polished: origSize=29300
content-length: 23750
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 15:21:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e398bfe-7274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BddeA982BNhwg6Ertiw5KYq89SmZiT%2Bc9QQtYLs399M1wDezy8eScUdMmKksLEDXZnT8dPtk21e5QfAqx7brlYMpBRCWgeBY64bM1jUF8hKn8ZjRIZ40nL7aJuicgN4m5oXRUsA6eytaiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61166cab8fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 b7b0471bd8b1b953e9d2895c17dfae0b.jpg
www.vloot.io/storage/uploads/banners/ 64 KB
65 KB 149ms
148ms Image
image/jpeg 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/storage/uploads/banners/b7b0471bd8b1b953e9d2895c17dfae0b.jpg

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b521c3fcf046ee1e63a1ec7de52816f9e6dde705d26d70bf599c33856c6cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
cf-polished: origSize=74924
content-length: 65648
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Jan 2021 17:51:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ffc9005-124ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FtKUuAwz3OvaUUj1yBJheYRCsRoBBHk8dWpahhF%2FTBvQUAt4HuVdK1B55DplqeuwwXmuLZpuB6YnvCoKzl54UUW1%2BUAOdVSrKiT6Q8aMRcW9LsnPlh%2BqYr4rOgrJUlII23mJ93Uuru4Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61166cac8fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ER_Steam_Gif_616x260.gif
cdn.cloudflare.steamstatic.com/steam/apps/1245620/extras/ 16 MB
16 MB 209ms
51ms Image
image/gif 172.64.150.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudflare.steamstatic.com/steam/apps/1245620/extras/ER_Steam_Gif_616x260.gif?t=1649774637
Requested by: Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9913b1edc9ad3e19ec2302eee8107f39d797e36c7992ff0ccba88ab8a9dd3f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:34 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 22:00:45 GMT
server: cloudflare
age: 12180
etag: "610c5f8d-ffb78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
cf-ray: 70ce61176c1f91de-FRA
content-length: 16758668
expires: Tue, 24 May 2022 14:45:00 GMT

GET
H2 200 cta_right.png
www.vloot.io/media/img/cta/ 1 MB
1 MB 76ms
76ms Image
image/png 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/media/img/cta/cta_right.png

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83d1bcef9e7c482d13e08031706ff7f6c2c31acdaec744228f353cbe736d8093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2459
cf-polished: origSize=2165133
content-length: 1456075
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 13:14:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "614c7daa-21098d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMo%2Bxy5fq5J8dIrQkMmUasntkfekia3vbeIfmQm7rhy02ou1%2FrH%2B%2Fq%2F%2BBBc6DRGZJNCyiclmX%2B4K0A8N3E7sMgmvs1CjldMi8hEgZlV%2BtqhYOWRkcWko9ZYW84Rwh6f3eg9g1M66L81T%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61166caf8fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 email-decode.min.js Show response
www.vloot.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
950 B 65ms
64ms Script
application/javascript 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vloot.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 May 2022 14:29:36 GMT
server: cloudflare
etag: W/"627e6b50-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFEB8Iw7dsXWdbQxTB8v1PSj2mgyBc5hiEPGpwAOy6bhJBlxq2CkE0cVy861EtXM9jpgLCt5HQGm9vx5Yj6QYoabjORr6w3G14A2FO%2BtdEPIDEUpslFvtTc9l577JOJyHK44KyyYMWZCNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ce61166ca38fd4-FRA
vary: Accept-Encoding
expires: Thu, 19 May 2022 18:22:33 GMT

GET
H2 200 rocket-loader.min.js Show response
www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 62ms
62ms Script
application/javascript 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 May 2022 14:29:36 GMT
server: cloudflare
etag: W/"627e6b50-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3t7mDV2RvbOt4HppjMbemcyoAQ5yhV00lvHu8rEqbJfYfwwLIQ7lTydJYbOXN9UXeYM2P227HwKwl2p8Ks%2BCSFc0gSKnLbx%2Bxn8skSd2B%2FwSKLQh%2FBpXuOp%2BoGWKRTvbjwQgXgcnhxE8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ce61166cb18fd4-FRA
vary: Accept-Encoding
expires: Thu, 19 May 2022 18:22:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
645 B 142ms
59ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,600

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/css/app.css?v=1652811753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69f3324e42c3b5c1ea0171651fae8f5196e862a79e4ce1345de5ac38406513ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 16:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 18:22:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 134ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/css/app.css?v=1652811753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 16:56:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 18:22:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
649 B 148ms
65ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/css/app.css?v=1652811753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d343190ab80adf06d442d61dded2102b66cd7751108bbc96a668ae2a1e135f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 17:22:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 18:22:35 GMT

GET
H2 200 e.js Show response
js.gleam.io/ 5 KB
2 KB 117ms
106ms Script
text/javascript 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.gleam.io/e.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f79167b340363ee6bc7dc73887f59c513a22c9a4e5b4fb9b48b3068dad2dcf7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79131
g-host: meepo14
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6cd63ac9-7bd1-4a47-8f83-f870b3a6fba9
x-ua-compatible: IE=edge
x-runtime: 0.308528
server: cloudflare
etag: W/"7f79167b340363ee6bc7dc73887f59c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, public, s-maxage=86400
content-security-policy: frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
cf-ray: 70ce612039489066-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 130ms
46ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35ecdd4a46529fa6c34ccc21dc6f4a6e5dc12da07a0f48cfc0e07fd0141d11f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 17 May 2022 18:22:35 GMT

GET
H2 200 dynamics.min.js Show response
cdnjs.cloudflare.com/ajax/libs/dynamics.js/0.0.7/ 25 KB
9 KB 135ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dynamics.js/0.0.7/dynamics.min.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d18458c3d0c22a82377f114403a86aa61d0d8196e1ab6f0f28ab03e1838b1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 414699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8114
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3e-656f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZFQAGEZ%2F8xLzzAGn0caucZT5WcyFchrHXEJkfHuB%2BxpK%2BAs0h8tByQL5Irgsmb00lqTyF7KvpQkm5QOfGeBfht5YIWPSfbHFq5knpcei3wm7zicr9T0yGN2lbDIlOtD6k7o0VeSIyOcfEJXSbN3gRbQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70ce61209df591cf-FRA
expires: Sun, 07 May 2023 18:22:35 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 138ms
48ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1910
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 70ce6120baae9b94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 20 May 2022 18:22:35 GMT

GET
H2 200 CTA.js Show response
www.vloot.io/js/ 2 KB
921 B 48ms
47ms Script
application/javascript 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vloot.io/js/CTA.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b12617ee5308b2433077af590d2c0391abcb2886c6cdb8408bc8f096d92693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2460
cf-polished: origSize=3040
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 13:14:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"614c7daa-be0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNh2P%2FLye6PZ7gTHgxMmLtWiZnPCthJAoYRRlphJqFW6Q0Np5Gzza%2FDYtWVJ77T9hw8wWsLo1Lhxob34PXOk6fmSHNhWz%2FKT0Dhk9o9D06zuqaaIVkvnfVLfZkUxHSCCzkiPhcYkA%2BxAwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 70ce61202af58fd4-FRA
cf-bgj: minify

GET
H2 200 app.js Show response
www.vloot.io/js/ 344 KB
116 KB 60ms
59ms Script
application/javascript 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vloot.io/js/app.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7611a8d5ae058c9358f68e12259861ccf9a74f857a0ef33a17713eaff4c7e13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2460
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 13:14:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"614c7daa-560ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOASDYSxEPpZb8v%2FsbaaHnat6g3ZXbweg6st%2FzujaRWRwPhKemMtVfhEbx9UGJ8sxfqsOypBQDcbQMWLLIdh6cFAUvh9k%2FTm5m7vq6jL4XJCBMCa68YUJu%2F0%2F2B1EBJjEDdF3DIhDQBWSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 70ce61202af98fd4-FRA
cf-bgj: minify

GET
H2 200 6b2a5f8623.js Show response
kit.fontawesome.com/ 11 KB
4 KB 158ms
69ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/6b2a5f8623.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5a425b6811b74eee9d53f50e368c0d00c26b0b631f22c6909056a8c24f6e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.vloot.io/
Origin: https://www.vloot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 70ce6120af4c68f2-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fux5oAyUhkWFx6oNK2sC

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 150ms
64ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b818f415afe0a39ce1c247beb2410fd9cf7c1e6996515e1b35c5ddf63aad976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56053
x-xss-protection: 0
server: cafe
etag: 9803019128917605495
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 May 2022 18:22:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 135ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122486317-1

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0f8f4aa0969e185d617675f4f27ae90d3f5311d6aac91ec61a6e0b2c8c78e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39377
x-xss-protection: 0
last-modified: Tue, 17 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 May 2022 18:22:35 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bf2fbec8bbad564aca80bc9f3ac97815aef97d42f2399ed9dbb8e261d466d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 156ms
67ms Fetch
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=6b2a5f8623
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6b2a5f8623.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293561
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyon25btyyIrErfjBwPfsbNqwzZRh062Br8sXKt%2Fge6bRSW3OV8XVrJljBzywvpi0oFB4k6pxmlTvjIItHqgAEEHuPZpBdzme%2B2cqL3ev2HUVCCcpo88euJtcFSvDJQqi3ntg4z8LDfvKAwlf3yBZl9pmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
cf-ray: 70ce6121b8d29a12-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MhDAWxg8M4uDv_JcvjMb-OsiZTtnoc9FCIq7xPHv1IcD9xmHBXirfQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 149ms
61ms Fetch
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=6b2a5f8623
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6b2a5f8623.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445170
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwwBBmJgNXJz0mse5JktuSvy2EtRSPO2JiJlAWoNGMu0kFbk2B4ONkq0LNx0K4GzeLvAvpmkomFhGrb5AJgeDe067dBSnved1fH%2FKuXexR8NbowUZcobwj%2Bs1ySnQprLNXAO3yyv06hEht0e9Zi%2Bti2fGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C2
cf-ray: 70ce6121b8d79a12-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: A7VKHT4nUVMvj4W1FC_sxPZxbbHOQIziVQJqcSnkIm4PNz2i_PaioA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 162ms
74ms Fetch
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=6b2a5f8623
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6b2a5f8623.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445170
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7G6XZXuQbSkSETLPIOGsrt4x6liy77K12VlUJDZSo0E8p0ujpFr0i9%2FHOu0pHmL%2BISMGuIxeX6tf3WkkKR1POcpubOPBX93OHGsBZEd9Abw6q2zjcKvLUTiGbt3oiPrNYu7a8tx9ajS5hS7SBxbrCa4lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C2
cf-ray: 70ce6121b8d89a12-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9aE2hs07ZfNdYrKH02NnjFV0YWbKRfzAmC7Wiahm_2KphIsPwBmHpQ==

GET
H2 200 whitelogo.png
www.vloot.io/media/img/logos/ 13 KB
14 KB 53ms
53ms Image
image/png 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/media/img/logos/whitelogo.png

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebba1d297e8a15f1ded58251d16810ce002fd745f2cdabe8bff5b8ddc4078db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461
cf-polished: origSize=21001
content-length: 13519
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Dec 2020 01:54:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fe697ee-5209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zKTUhK4knDNGjYDnfqoVEafUIwRRUzdcN3h6ry%2FP4ubqliwUXNGpAG7QETi97hjr5OkFN5tjhrD67wAbVCVisYOT3U3UX1iaXQs6mGRtZvrtJScLyXkKkSdoRiyoQzW2l6rSR6SOYw%2F0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61217e268fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 d3fa8273b128f2f37f84358acece8d48.jpg
www.vloot.io/storage/uploads/banners/ 23 KB
24 KB 53ms
53ms Image
image/jpeg 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/storage/uploads/banners/d3fa8273b128f2f37f84358acece8d48.jpg

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300fc6d28394cf9a3c82af2fbcf04d24677532b310b8211b03a20a026ee18040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2461
cf-polished: origSize=29300
content-length: 23750
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 15:21:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e398bfe-7274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUwrBBwY%2F5EIdnq6T8CivT1SlYsOHthrD9M1hLomWPi37heyan4rw1Vqr5nbM6OpVtWEMIpWmhqBd3gWELKGCYD%2BNFF4SZsvRcZJoDDsua5xxGNjAe0qyPu7J8asuNtwQN%2FhULSqQ2buHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61217e2a8fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 b7b0471bd8b1b953e9d2895c17dfae0b.jpg
www.vloot.io/storage/uploads/banners/ 64 KB
65 KB 60ms
60ms Image
image/jpeg 2606:4700:20::681a:a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vloot.io/storage/uploads/banners/b7b0471bd8b1b953e9d2895c17dfae0b.jpg

Requested by

Host: www.vloot.io
URL: https://www.vloot.io/js/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b521c3fcf046ee1e63a1ec7de52816f9e6dde705d26d70bf599c33856c6cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/campaign/0wqBx/10x-elden-ring-steam-key-giveaway?gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2459
cf-polished: origSize=74924
content-length: 65648
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Jan 2021 17:51:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ffc9005-124ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNanWYmrUcihrJujMTqpc%2FFm%2FVi226rJgBLWFYl5CWSpWgliQe9E5s2TNIzG7HUjvYcJGdlilNbfzAjdxJi5dgCLinRtFMbJXTBHKBYJRS0qtu5y0nDq8wG8a7lYS1SMUVpT0mTneeHvvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70ce61217e2c8fd4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ER_Steam_Gif_616x260.gif
cdn.cloudflare.steamstatic.com/steam/apps/1245620/extras/ 16 MB
16 MB 46ms
45ms Image
image/gif 172.64.150.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudflare.steamstatic.com/steam/apps/1245620/extras/ER_Steam_Gif_616x260.gif?t=1649774637
Requested by: Host: www.vloot.io
URL: https://www.vloot.io/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9913b1edc9ad3e19ec2302eee8107f39d797e36c7992ff0ccba88ab8a9dd3f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 22:00:45 GMT
server: cloudflare
age: 12181
etag: "610c5f8d-ffb78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
cf-ray: 70ce61217c2f91de-FRA
content-length: 16758668
expires: Tue, 24 May 2022 14:45:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 309 KB
110 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1479231709898856&plah=www.vloot.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91cf59c9affe8d6ef04109c7794739625ed7576153c9065a324d413d620a426b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112749
x-xss-protection: 0
server: cafe
etag: 15232124429715964896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 May 2022 18:22:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/ Frame A5F5 10 KB
5 KB 141ms
42ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 23:43:08 GMT
etag: 1428802124239944296
expires: Mon, 30 May 2022 23:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 59ms
58ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1899
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 70ce6121ccf69b94-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 20 May 2022 18:22:35 GMT

GET
H2 200 embed.js Show response
widget.gleamjs.io/0wqBx/ 34 KB
9 KB 292ms
182ms Script
text/javascript 104.18.30.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.gleamjs.io/0wqBx/embed.js?no_button

Requested by

Host: js.gleam.io
URL: https://js.gleam.io/e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a5aeb7fa0d8728522e332c4f547baa44e3e845ecb17e6e8b03e211a741c642

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61975
g-host: meepo14
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 7dc84f17-681e-4d87-96ac-d10fb99fcb9a
x-ua-compatible: IE=edge
x-runtime: 0.023270
x-robots-tag: noindex, nofollow
server: cloudflare
x-frame-options: sameorigin
etag: W/"29a5aeb7fa0d8728522e332c4f547baa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public, s-maxage=86400
content-security-policy: frame-ancestors 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
cf-ray: 70ce61235e059951-FRA

GET
H2 200 logo.svg
js.gleam.io/images/ 731 B
465 B 92ms
91ms Image
image/svg+xml 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 03:31:26 GMT
server: cloudflare
age: 3068
etag: W/"6281c58e-2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
g-host: meepo14
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 70ce6121cdd29066-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ 364 KB
144 KB 136ms
42ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

411a8ae4e9c823011e6f526f20d2b75f7df34203460c5af36470331dd3eda4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vloot.io/
Origin: https://www.vloot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147159
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:19:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122486317-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2869
date: Tue, 17 May 2022 17:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 17 May 2022 19:34:46 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 352ms
51ms Font
font/woff2 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://www.vloot.io/
Origin: https://www.vloot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:36 GMT
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325023
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raD5rwTTZ3nSkvhLJBxcAarbx22tcu8HvceoL%2BFqKxNhejJwh0pWJjlKd1KANz3Llgh%2B0EGJ%2B6D8EABB6%2F7uzPkdCxZJkacZsfA11dIlZbjz7sVnQFidUHe5PgaQEdBbMB%2B4rhYirCBqBDUajjCcIBXqvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 70ce61241ec09a12-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: _bDG0rdXADEqyqhYpNQjtXn-qQjVxoqUgVWYSOu9FrYkisl4rn9-0Q==

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 389ms
89ms Font
font/woff2 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.vloot.io/
Origin: https://www.vloot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:36 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325023
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5Z%2BhUS%2FaVoWaywvVmAucHOtqmPMztFljcaiWcNZlq90chGBmM1hlxq81rrl9xlMXi9iogOaOYtG9FeaqznQOj%2FGkl9TwpPO9P0cv7N7fyn0rT1y9xu34DlbCGqSEFLjjN%2BlGkG4nfZXOn7%2F%2F5rzbGivLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 70ce61241ec59a12-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: F6GjXPLp5DP4c6vB7YQ-ZK4UGMptbjyQbCKc3ddJuujcSfp3czrzNg==

GET
H2 200 web Show response
onesignal.com/api/v1/sync/78a00cd3-c766-4640-a668-841e3263e821/ 4 KB
2 KB 61ms
51ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/78a00cd3-c766-4640-a668-841e3263e821/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5a6f834025a05377e8d1a18b33a1564181e3742fd14180570a93067e6af4f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2458
cf-polished: origSize=4527
status: 200 OK
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2e042301-5f3c-463a-aaae-649cb2e2305c
x-runtime: 0.027569
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ebd926b1cbd7f4910d781a79a50c880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 70ce61228ec49b94-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 17 May 2022 19:22:35 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
642 B 1182ms
45ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.vloot.io&callback=_gfp_s_&client=ca-pub-1479231709898856

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1479231709898856&plah=www.vloot.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c9892733718dc26f9c8f1f80cded49348f64a75fd9ecfa3a4b4c59e41f468e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
46ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vloot.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 168ms
46ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vloot.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&tn=NAV&cls=navbar%20fixed-top%20navbar-expand-lg%20navbar-dark%20bg-primary%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 18:22:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B29 603 B
68 B 152ms
71ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1479231709898856&output=html&adk=1812271804&adf=3025194257&lmt=1652811754&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652811754821&bpp=3&bdt=1822&idt=154&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5602105393686&frm=20&pv=2&ga_vid=94692353.1652811755&ga_sid=1652811755&ga_hid=2092293952&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067416%2C31064018%2C31067526&oid=2&pvsid=2822649964723102&pem=424&tmod=95098443&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:22:36 GMT
expires: Tue, 17 May 2022 18:22:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 133ms
51ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220509&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36f9629909771a45002e1616a1831792a62f223660737a4503188dcfa203732e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10611
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 122ms
44ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2092293952&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&ul=en-us&de=UTF-8&dt=Games%20Giveaway%20-%2010x%20Elden%20Ring%20Steam%20Key%20Giveaway!%20-%20vLoot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1656415031&gjid=1851410191&cid=94692353.1652811755&tid=UA-122486317-1&_gid=261975545.1652811755&_r=1&gtm=2ou5g0&z=93238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vloot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 May 2022 18:22:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vloot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0A61 42 KB
22 KB 145ms
63ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3&co=aHR0cHM6Ly93d3cudmxvb3QuaW86NDQz&hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=rxsr807ihsch

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67c0cf052dbef095139ae08f797bdccf413a00b81d20daaa13004845f50e1333

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pa6g2dgxCMWikYbM8p_WAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22637
content-security-policy: script-src 'report-sample' 'nonce-Pa6g2dgxCMWikYbM8p_WAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:22:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 440ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 18:22:36 GMT

GET
H3 200 embed Show response
gleam.io/0wqBx/ Frame 35BA 138 KB
26 KB 816ms
816ms Document
text/html 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/0wqBx/embed.js?no_button

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a086a22de4c711ca34d6ac39c8bb9c9d1a52135b1d9d509369653ff2a4359060

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: BYPASS
cf-ray: 70ce61241e7d9b40-FRA
content-encoding: br
content-security-policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 18:22:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 01 Jan 1990 00:00:00 GMT
g-host: meepo15
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 8d74bb84-f4f1-4264-b69e-8c0e376bdcd2
x-robots-tag: noindex, nofollow
x-runtime: 0.042518
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H3 200 logo.svg
js.gleam.io/images/ 731 B
696 B 103ms
102ms Image
image/svg+xml 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/0wqBx/embed.js?no_button

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 03:31:26 GMT
server: cloudflare
age: 6011
etag: W/"6281c58e-2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
g-host: meepo14
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 70ce61241e769b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 0A61 51 KB
24 KB 116ms
37ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3&co=aHR0cHM6Ly93d3cudmxvb3QuaW86NDQz&hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=rxsr807ihsch

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:09:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 0A61 364 KB
144 KB 134ms
56ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

411a8ae4e9c823011e6f526f20d2b75f7df34203460c5af36470331dd3eda4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147159
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:19:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0A61 102 B
134 B 47ms
46ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d5e67cf02a5aa8013d6de1c0ff04a1549edae8c44f2356b404292d2e356165a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3&co=aHR0cHM6Ly93d3cudmxvb3QuaW86NDQz&hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=rxsr807ihsch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 17 May 2022 18:22:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8A9 13 KB
5 KB 115ms
37ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 17:59:03 GMT
expires: Wed, 17 May 2023 17:59:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C13 783 B
533 B 46ms
46ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4274d1486521adc8cc2038ed8a8989242091fd33ec752aa5359df1f57712b061

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cd00P19SRPSaFt-VNVf_Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-cd00P19SRPSaFt-VNVf_Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:22:36 GMT
expires: Tue, 17 May 2022 18:22:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E63D 7 KB
1 KB 50ms
50ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52798cd909bc6c8c790662e64d358fff47e1cdc8ed83a2b866e63a0e169a5af3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KmtUtqk-OSC12QMEG6VVYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vloot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1112
content-security-policy: script-src 'report-sample' 'nonce-KmtUtqk-OSC12QMEG6VVYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:22:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C13 0
0 136ms
136ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220509&jk=2822649964723102&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame E63D 51 KB
24 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:09:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame E63D 364 KB
144 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LfN32cUAAAAAHEFFt6jvGpJLwhhB9CYPlUxEYv3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

411a8ae4e9c823011e6f526f20d2b75f7df34203460c5af36470331dd3eda4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147159
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:19:49 GMT

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame C8A9 35 KB
13 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 09:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 09:58:57 GMT

GET
H2 200 w-164112657212216c4f1bfef356312da52a0d96e57b875de0e9a701d2c435e4d7.js Show response
widget.gleamjs.io/assets/ Frame 35BA 1 MB
305 KB 80ms
79ms Script
application/x-javascript 104.18.30.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/w-164112657212216c4f1bfef356312da52a0d96e57b875de0e9a701d2c435e4d7.js
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39612465d4c9194875e5efcfadd25344fc733e4a1d078845164ae16ac0c816c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 May 2022 05:47:02 GMT
server: cloudflare
age: 304312
etag: W/"627f4256-117e15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 70ce61295b7a9951-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-classic-e2dd65e6833fc1abf8f0b6446fe7038a37ff6e7accf4078aa0fc47a0bc53e517.css
widget.gleamjs.io/assets/ Frame 35BA 243 KB
50 KB 57ms
56ms Stylesheet
text/css 104.18.30.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/widget-classic-e2dd65e6833fc1abf8f0b6446fe7038a37ff6e7accf4078aa0fc47a0bc53e517.css
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.30.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85edebb08757e2d1cf7420789ab436d26fa3c35b2d82298be97308d18106e36d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 05:29:40 GMT
server: cloudflare
age: 4366117
etag: W/"624147c4-3cab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
g-host: meepo17
cf-ray: 70ce61295b7f9951-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ Frame 35BA 170 KB
32 KB 75ms
74ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

Referer: https://gleam.io/
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 21312013
x-amz-request-id: 10EHARC1DF7VMSGS
x-amz-id-2: KyfebVODUGX0TfBPcZA4qkZJX0qcNhj54Bt7GKDNX1+nTK4+xpCMXTLDDsAB5Br6i/V9BQ3nYGE=
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
etag: W/"a28e912c1a41becec7f68848d739d5c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 70ce61295b6568f2-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame 35BA 10 KB
874 B 126ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Requested by

Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7203ca19b9d2b508fc7e3c4e3e7138b89fc399ee9e795ba87050308f50632d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 16:28:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 18:22:37 GMT

GET
H2 200 fraud-7acb4c1c399e568893b889b845e6decced0c03ef940e3151fb79c47381d1dfcb.js Show response
cdn.fraudjs.io/assets/ Frame 35BA 39 KB
13 KB 193ms
74ms Script
application/x-javascript 104.18.21.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fraudjs.io/assets/fraud-7acb4c1c399e568893b889b845e6decced0c03ef940e3151fb79c47381d1dfcb.js
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c484542566ff0b2cb1005825875d72f8635d96d474607eee82b57a13943b06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Aug 2021 16:35:11 GMT
server: cloudflare
age: 6769056
etag: W/"611a93bf-9d8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 70ce612b2b6b996e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 invisible.js Show response
gleam.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 35BA 50 KB
18 KB 62ms
61ms Script
application/javascript 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1652810400

Requested by

Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5a31cd696a0b56937562cfa0da570332ee75c0629454e212253fd53d2a7e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 70ce612b0d819b40-FRA
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C8A9 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?y7lg-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo.svg
js.gleam.io/images/ Frame 35BA 731 B
660 B 108ms
107ms Image
image/svg+xml 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.gleam.io/images/logo.svg

Requested by

Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 03:31:26 GMT
server: cloudflare
age: 6012
etag: W/"6281c58e-2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
g-host: meepo14
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 70ce612b0d839b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ Frame 35BA 507 KB
159 KB 142ms
45ms Script
text/javascript 2a02:26f0:ef::5c7b:c25a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: 5ae0c96915a915767aedc19b1b339da8f689e6362392f159af52abfdff18ab65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-LI-UUID: AAXfOKskciG+9Up/nxNVbw==
Date: Tue, 17 May 2022 18:22:37 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-lor1-x
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 162501
X-CDN: AKAM
X-Li-Fabric: prod-lor1
Expires: Tue, 17 May 2022 18:42:46 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ Frame 35BA 3 KB
2 KB 114ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7589c916bb3e1dced571a58e7a47168cef191e140b02a60af290b726fdbbc1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fGtuC9/+udW3QN3sw9UgrQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 17 May 2022 18:23:13 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: eajL72pYSw21qp99YAuz1I0IU2KfGfFUxNs9XupJxFS3QTiIlUwJGffyf3WQWzOpfeDvlc7yFd4kyUyB45a0pw==
x-fb-trip-id: 686109401
x-fb-content-md5: a7281167c17e225cfc966470f73a1620
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 17 May 2022 18:22:37 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f14a7ec0ce84433cee69efeea75c2a02"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 pica.js
gleam.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 35BA 19 KB
7 KB 67ms
67ms Other
application/javascript 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6ec3a7a55cd7263d40846f24b832f720329622316fe6260450348b678de849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 70ce612bdf479b40-FRA
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 35BA 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 35BA 44 KB
44 KB 213ms
130ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 67828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 23:32:09 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ Frame 35BA 134 KB
134 KB 57ms
56ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 7098397
cf-ray: 70ce612c59ea68f2-FRA
content-length: 136824
x-amz-id-2: UYHG4Kx75B6+kCBpEyGIg8hw2nf9fvMBk6fTq+uAd2dtoSBO1JOc5BJPL1jOZKAOM2eruvSOKB4=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "978b27ec5d8b81d2b15aa28aaaae1fcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: K24ESE4C7VJ454TX
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ Frame 35BA 165 KB
165 KB 111ms
111ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 6769053
cf-ray: 70ce612c59ee68f2-FRA
content-length: 168768
x-amz-id-2: mLtumRrSjy7inG2L5KeTiuY/EIP5hK951bXkDICCIXg4d/LT+BNHMaayfLt+MAU5oXpZnTNx2rY=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "d8689b99dce7c881d3130f3c91cfefdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 81Q8MH58KTG861BJ
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ Frame 35BA 30 KB
31 KB 130ms
47ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 4532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:07:05 GMT

GET
H3 200 checkbox.png
gleam.io/images/ Frame 35BA 368 B
790 B 106ms
105ms Image
image/webp 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gleam.io/images/checkbox.png

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-e2dd65e6833fc1abf8f0b6446fe7038a37ff6e7accf4078aa0fc47a0bc53e517.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.gleamjs.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4666214
cf-polished: origFmt=png, origSize=655
content-disposition: inline; filename="checkbox.webp"
g-host: meepo17
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 23 Mar 2022 05:10:57 GMT
server: cloudflare
etag: "623aabe1-28f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 70ce612dbbe79b40-FRA
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ Frame 35BA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fa-light-300.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ Frame 35BA 180 KB
180 KB 57ms
57ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-light-300.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 7059871
cf-ray: 70ce612dcd1268f2-FRA
content-length: 184144
x-amz-id-2: xgXoDb26sfxXboRPyN9w2hMK95KVvuWUTyN+M20DkQoIlbo/q4940MilFF2a+W3dwfPKLZYDMi0=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "de11da0fb48a14c9cbc05b0a24ed6efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: HMHJ6Z6NFR2CRAPA
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ Frame 35BA 75 KB
75 KB 51ms
51ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 7060328
cf-ray: 70ce612dcd1768f2-FRA
content-length: 76740
x-amz-id-2: 5qS5kV6/GWDbfsWd06pIhtOt5feGFE/1Llkgt+yETE25XQOKaJpY1QXoDg8mSSdjf2pGHsrHoxc=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "0511670fe2f5405105a6760294c5c51d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: FD3DKT9DAB734K8J
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 vloot-voidu-eldenring-1080x567.png
user-assets.out.sh/user-assets/1680254/mvhXjm4G1t03zAwK/ Frame 35BA 191 KB
192 KB 162ms
51ms Image
image/png 104.18.9.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-assets.out.sh/user-assets/1680254/mvhXjm4G1t03zAwK/vloot-voidu-eldenring-1080x567.png
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72e15e51f179e02e2fc9027895456efd8478e72a7431328c567151243e34b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:38 GMT
cf-cache-status: HIT
age: 4386
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 195418
x-amz-id-2: A9uH2y+Vs//WbLR5zAqbdh3O+f/0N3LAUeRmLZmSygW7tqNdrS9SYuPu/HpRi5qUDf0IpMML878=
last-modified: Sun, 15 May 2022 20:57:52 GMT
server: cloudflare
etag: "c95f25401000edff1f3b0bdfdb596eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: F3S1MDB5N4VX4P9T
cache-control: public, max-age=14400
x-amz-version-id: KoxZXNbClCRshx48eE6q4o8piF8aUqJd
accept-ranges: bytes
cf-ray: 70ce612fab259b7a-FRA
expires: Tue, 17 May 2022 22:22:38 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame 35BA 286 KB
81 KB 78ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

888e4712ff0502789d553131336f77d09aeff10aaef454f19f4371c0056b591e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gleam.io/
Origin: https://gleam.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MXI5WTQsQE7314pG7v3ASw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 17 May 2023 16:27:09 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 83245
x-fb-rlafr: 0
x-fb-debug: vmn5VvwxgzaVScDpTlGR1c8xVkq8CrvLOWr3uk+hiOyEybtJQnRncXFrEeiaxHIZu0WcLNQxCLRLvJIk134Ikg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 98bf7e8259f0519439496a1b156ec590
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:37 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a31945fa6564443f5b21c2a3aafb1575"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 telegram-widget.js Show response
telegram.org/js/ Frame 35BA 19 KB
6 KB 139ms
44ms Script
application/javascript 2001:67c:4e8:1033:2:100:0:a
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-widget.js

Requested by

Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:1033:2:100:0:a Bergen, Norway, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

60c62e0e44a2b4a1116d28f8a69f20c108cc84b5c173060d134a6ec083e12240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:38 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 10:47:14 GMT
server: nginx/1.18.0
etag: W/"6257fbb2-4a0b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 21 May 2022 18:22:38 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 35BA 97 KB
29 KB 171ms
37ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gleam.io
URL: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:22:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1361
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:06:46 GMT
Server: ECS (frb/6725)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 138ms
138ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220509&jk=2822649964723102&bg=!ODulO3_NAAZX5TVhd-U7ACkAdvg8WoiqzrHowWj5Ru5MKltiQLSoC6UfYf-FrG-BY94867nvpHH-TAIAAABgUgAAAAFoAQeZApiQCSCosQxuwUfvVZn0b5Db9zkBDilqvpx3wXby7wVeqaVdFOIQLKzXi5PrwJk0dICdNkehpmzZcAQpxf3cyvEdsdAmphGLj0s7etH8b8muljQC2HO0jh2VyCiKe-aMstiFs2DLsVqF1sWWPUzCj735VdWHJn1bkOxOtPYOyZZZtUnj-s6PMBaLvq3xgDlHp_5F96QqUfLCVJvhRHcMcW1jufb1fKlq7SvPYOznpK7SwJ0lZggDqMDQbkZ7ixjGun-tbz5wTFKDuMzktM2RZ8VgYX01fgOjKYalvrzuooo2DSTS-oxt-tHeB4xdGLsase26kN9bg3p0izsGD1ZwwvvffiTzpqsvnvBYxwjOVWKwscq6-CPC8ky9BF-7yCI3vcCajtKiOZ9IK6FrCXE39ga4p2u73iHyvOCGPzK6nXjaia-cVjYN26jyEs2kIvi28OV5kZBnM_Cc-ZYunY4JIORHMBjLRITpA5eMxHWVIl6OfL5YCQ6Gzm27k3HXFKhTsEL1PLDz3kGBGihqB5NxE3O-cBJjlwSIAXLM3ggFWYSJ4kbok3frX7YK_CAPi0u98CUED8UH-UD9rrnq0Xw4M2lcHTUAxFyyQ-Ui8tLZ7cgxbgffI4DN-jXunmdVDibKq5LrAL45NhFhArwTnfseSphFsHmyNYZTptDhlo2aZbrygClS2gty-Z9W0-fpRHwntFT2Gl-CWfG_T5i_PmhRJ18Uzfj98x2jp_5UYMChygvER7NZTAu4WFZVPT3dFirGzlOTsr-P_h-JCPKqzdfWJFnur57uPY03Io5K8CZhiNW-WVaTFGFZakv4ldWGIok8ZiuGn07kdAsX4DLDUaF3cRAc3s6G7WcpR2r6N2ZQUsWlS6h0cvFJ41G_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 35BA 0
0 153ms
77ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.vloot.io&client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2F0wqBx%2Fembed%3Fl%3Dhttps%253A%252F%252Fwww.vloot.io%252Fcampaign%252F0wqBx%252F10x-elden-ring-steam-key-giveaway%253Fgsr%253D0wqBx-iWq5BrWUVi%26r%3D%26gsr%3D0wqBx-iWq5BrWUVi&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: fG6/Ptib/qV83D8VqpUKnNPKsM5B0ol12jQyqaMkD2XlPkZdmYdfVf4p2hUHY/8PKhZkL2M2zRYI4pJuHU0W5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 17 May 2022 18:22:38 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gleam.io
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame AA8F 0
3 KB 132ms
68ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22024481763b84%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: xRGL8MzyZgciC8chRR0akZSDqX87IGNYqiDQpYoRwtG3+tC7CzRx5EuxBO3FNq6tPAJ4oq95mdoW6jMDtpYRBg==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 2B3D 0
120 B 131ms
76ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27a65093c266cc%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: odKwicLsSPr9OvH2pFSrffl9OM9Dr6FJb1X73iDrgkvSkP0eP0Kpd5Nlu+yowJaXGk8C5XqOmX4zJfDZ5IWJYA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 9A1A 0
131 B 119ms
73ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3243b9090ba91%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: AJWWZgzgIGHT9ucx2KhfghxV2c6C90kLguKoF1jruDABpBvdZ9Mtq33gfqBqhDFZIdT30tLT4IfNScFUCCM81w==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4437 0
119 B 108ms
74ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1656e9daac9608%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: 6M9IJJ7dKRKj3eu27DPLx2jLhLQfUWbDS2LMnE4lcq88Vez1Smaa18OOBlCbz0gFqILBTgVVL5Tfz30wQqYIqQ==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 3670 0
119 B 89ms
69ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31cf5039b6435c%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: 6z1QBv6lDhhkJqsgx9WBhv/E0mxwwQwyO13FVSvvvIBNIKOxbZjd4eI6vRc9T0x/XIncAVa0DBLBLTeTNHSXXg==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame AEDB 0
119 B 83ms
75ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ddbf436ddced4%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: IWOWfpau4LRPABxNZvAMFRlNzZQ3dpchytKnKoNuIGKgeaDIh6aXPYP1TRZWLKtJumuoQYzFcvqr2sytXa/rzw==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame B29B 0
117 B 70ms
70ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14441f46ed49c%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: rm9YAYy8ieGxYIDsbuL27zienKihTIGmgYjtLJakZ9wm0JPTCwxernJyzzcQcotXew4SXUl3PPaJpwyufX3afA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 0DF6 0
120 B 95ms
95ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbeaa70da5b664%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: bvFlmWhgG6Ghw0Kk3WwgnyVxB8iQOlLQsOXkhauEEE2s9vqjIHThHt/KxKQDvgi/ANXrJ0Lk0+AydFUJ3J1Mog==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 1013 0
122 B 78ms
78ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df237914425906a%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: IIF//NpB44PAFfqjAtP+T/xL+tDr3gGysc+vP+Imx+GAJRUwiJKzu4xycWA4GuTtOvQBSUtC3V9+MIOtxHx5JA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame CD6B 0
121 B 79ms
79ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2183332f6acd4%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff26ea4a3a92793%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FvLoot.io&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1989d61e6b6cb56afcab552bc6d3d22e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 18:22:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: V/TUZVJ8dVZO1PvZeKUVPFniOuPfNBj93OSfdFvgUgMwxpCyoYXPVcHhRj5KiOeHPOwshyybec5KYvBdFIWUiQ==
x-xss-protection: 0

POST
H3 200 70ce61241e7d9b40 Show response
gleam.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 35BA 2 B
499 B 65ms
62ms XHR
text/plain 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/cdn-cgi/challenge-platform/h/b/cv/result/70ce61241e7d9b40

Requested by

Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1652810400

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gleam.io/0wqBx/embed?l=https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway%3Fgsr%3D0wqBx-iWq5BrWUVi&r=&gsr=0wqBx-iWq5BrWUVi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 18:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
cf-ray: 70ce61353b219b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame F704 319 KB
104 KB 37ms
37ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fgleam.io
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://gleam.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 103314
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Tue, 17 May 2022 18:22:39 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Sun, 15 May 2022 20:03:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669F)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F704 278 B
461 B 225ms
143ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a62b0d46d42430a864b98a1bf87b0827c54c7570

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fgleam.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 17 May 2022 18:22:38 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 18:22:39 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 05a7a9d0b3315e54485195837e459b973e34755c11762c3c460ec67a6a3191f3
content-length: 179

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 62ms
62ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:41 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1915
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 70ce61428caa5c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Jun 2022 18:22:41 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/78a00cd3-c766-4640-a668-841e3263e821/ 44 B
574 B 201ms
149ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/78a00cd3-c766-4640-a668-841e3263e821/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vloot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0dc19cfa-d47c-4fc4-9d16-b1805c07b259
x-runtime: 0.007297
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 70ce61436d709a0c-FRA
access-control-allow-headers: SDK-Version

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 113ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vloot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 112494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:07:47 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gleam.io/	1970-01-20 03:06:55	Name: PP-0wqBx Value: *
gleam.io/	1970-01-20 03:08:18	Name: owner_token Value: d9gf7P7oIPadknQs66UTGw
gleam.io/	1970-01-20 03:27:01	Name: SH-0wqBx Value: iWq5BrWUVi
www.vloot.io/	1970-01-20 03:06:58	Name: XSRF-TOKEN Value: eyJpdiI6InEyVGNJemR2ZG95QUxtQ0laQWUzL3c9PSIsInZhbHVlIjoiWmRHV3o4eWYwbGRFbm80RDg1VDNXL1FlNSs2Qk9YZ1VmSDl6bnQrcTZENW5SSjVFV0p6aEpiT1RBVDVGOWQ5NkcwT1VoaFlyOXdPMVJKSlFqSytzWDZNbGlIQnMrcXpoRWlObVJpdmxLTG1ZZFlnZDRxWlVCWXJYbWdmbU1ldlIiLCJtYWMiOiI2YTg4MDk1ZjhkOWJmMDE1NmU1MTEwZTY5YTI2NTUwOWE2NjgzMmMzNTdkMDU4ZmQyZTJmNjg1ZGRkY2UzN2RlIiwidGFnIjoiIn0%3D
www.vloot.io/	1970-01-20 03:06:58	Name: vloot_session Value: eyJpdiI6IlRvaUpwaXpKcTFiWEVWSWhISngwTEE9PSIsInZhbHVlIjoiN3cxUm5CR0tlNkRJTHhTZ293RWVpNFprUW5nblhVd2o5VnNrU0RqTWJFRnNoUDZ1cDVOVzVBeDJyZHlydTQxWnpPVVYzYTdPQ2xnSDhkSnMrY00xRDJSL3RnUjd6N1o4alZ2NFdTZXNVZFFLUUgzTEYvK0F4WkZCTUxwUzdxSVoiLCJtYWMiOiI3MjJlNzRmMTZiMDI3YWZjODFhNmU2YTM4YTAwNjI0MzEwNGExYTE1ZTkzYzA1ZDVkYzY3OTcwYThmMjk1ZWE5IiwidGFnIjoiIn0%3D
.vloot.io/	1970-01-20 20:38:03	Name: _ga Value: GA1.2.94692353.1652811755
.vloot.io/	1970-01-20 03:08:18	Name: _gid Value: GA1.2.261975545.1652811755
.vloot.io/	1970-01-20 03:06:51	Name: _gat_gtag_UA_122486317_1 Value: 1
.doubleclick.net/	1970-01-20 03:06:52	Name: test_cookie Value: CheckForPermission
gleam.io/	1970-01-20 03:08:18	Name: RL-0wqBx Value: https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway
gleam.io/	1970-01-20 03:08:18	Name: L-0wqBx Value: https%3A%2F%2Fwww.vloot.io%2Fcampaign%2F0wqBx%2F10x-elden-ring-steam-key-giveaway
gleam.io/	1969-12-31 23:59:59	Name: _gfpc Value: t
gleam.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: WJEnAR58mc8TtjnO7fWNJwU4Q2y%2Foy4i3fYFST6G6%2FoHv3%2FYoZGYxPgDYnqsjCvtCWwYkisP9vzDKcxpxk3nVg%3D%3D
gleam.io/	1970-01-20 03:47:10	Name: _app_session Value: 3jNmuQ73aAY5g1yrS6Cn9%2FBvyh9d2Cdv32if1PN4o%2BL6aIRkrMopYYmV9X%2F0E6zKk73HaWxm8AzUzih84Ot9HdOmo5Sv4fYj7mQ6D%2BQqVhXn97uChgZr6k%2FxikaaXb3m8eQqr0OLDeQpHs9klMKB47Esz4KItodV5eZ78Dl3XJfxpTWgR5zqNHqe%2BD3fIeSLSajyj1QLm%2BKapNDhP%2BUqcbWahTQpF%2BIjQBGMgUq91x5XWyMBtcSA8%2FPdXDaiAv42kJ%2FKs6RngdmBXG09e5%2BpqU4C%2FVvWvU3wIg%3D%3D--jJG4NEE%2BKMj6ea1N--MMNRHizSQuqGM9tyBklT9A%3D%3D
.vloot.io/	1970-01-20 12:28:27	Name: __gads Value: ID=49bc5e0129bc6a44-22bc15b196cd0083:T=1652811757:RT=1652811757:S=ALNI_MbEjo06fSJtAu4rLb9meYpGXsdCGA
.gleam.io/	1970-01-20 03:06:53	Name: __cf_bm Value: L_oTfmhhlaQvWtougsmBFgPXsa4hbpMNCXtfAWoA4Lo-1652811758-0-AZLDHbSeRrgU0axbRtew88Jpz5RZ1xRWRsuIqiB/LMfg/ni+G4XqRO/su8jLJhohOt9ioPAZ+F4bDnkwrl9LHrnnamhO3ktwTnddFh94daSV2hKosAlODOEdpKv0Xq7Mm2XFm6H6Ir7T5QucAfUA3XrbM2HcsXxJHHFi5sJc0+cE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://widget.gleamjs.io/0wqBx/embed.js?no_button(Line 390) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.cloudflare.steamstatic.com
cdn.fraudjs.io
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gleam.io
googleads.g.doubleclick.net
js.gleam.io
ka-f.fontawesome.com
kit.fontawesome.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.linkedin.com
platform.twitter.com
pro.fontawesome.com
syndication.twitter.com
telegram.org
tpc.googlesyndication.com
user-assets.out.sh
widget.gleamjs.io
wn.nr
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.vloot.io
104.18.21.100
104.18.30.181
104.18.9.67
104.244.42.200
172.217.16.130
172.64.150.233
172.66.40.77
172.66.43.179
2001:67c:4e8:1033:2:100:0:a
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:a36
2606:4700::6811:180e
2606:4700::6812:1634
2606:4700::6812:e234
2a00:1450:4001:801::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2008
2a02:26f0:ef::5c7b:c25a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::a
35.169.134.166
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
058bf2fbec8bbad564aca80bc9f3ac97815aef97d42f2399ed9dbb8e261d466d
0b521c3fcf046ee1e63a1ec7de52816f9e6dde705d26d70bf599c33856c6cfd3
0d5e67cf02a5aa8013d6de1c0ff04a1549edae8c44f2356b404292d2e356165a
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29a5aeb7fa0d8728522e332c4f547baa44e3e845ecb17e6e8b03e211a741c642
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
300fc6d28394cf9a3c82af2fbcf04d24677532b310b8211b03a20a026ee18040
35ecdd4a46529fa6c34ccc21dc6f4a6e5dc12da07a0f48cfc0e07fd0141d11f3
36f9629909771a45002e1616a1831792a62f223660737a4503188dcfa203732e
39612465d4c9194875e5efcfadd25344fc733e4a1d078845164ae16ac0c816c8
3c484542566ff0b2cb1005825875d72f8635d96d474607eee82b57a13943b06a
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08
411a8ae4e9c823011e6f526f20d2b75f7df34203460c5af36470331dd3eda4bd
4274d1486521adc8cc2038ed8a8989242091fd33ec752aa5359df1f57712b061
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4a5a425b6811b74eee9d53f50e368c0d00c26b0b631f22c6909056a8c24f6e61
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
52798cd909bc6c8c790662e64d358fff47e1cdc8ed83a2b866e63a0e169a5af3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e06bdde97b2471f301962320b56eae8cf339f61271725b4d5190fba7672263
5ae0c96915a915767aedc19b1b339da8f689e6362392f159af52abfdff18ab65
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
60c62e0e44a2b4a1116d28f8a69f20c108cc84b5c173060d134a6ec083e12240
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67c0cf052dbef095139ae08f797bdccf413a00b81d20daaa13004845f50e1333
69f3324e42c3b5c1ea0171651fae8f5196e862a79e4ce1345de5ac38406513ef
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7589c916bb3e1dced571a58e7a47168cef191e140b02a60af290b726fdbbc1b9
7611a8d5ae058c9358f68e12259861ccf9a74f857a0ef33a17713eaff4c7e13c
7f79167b340363ee6bc7dc73887f59c513a22c9a4e5b4fb9b48b3068dad2dcf7
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
83d1bcef9e7c482d13e08031706ff7f6c2c31acdaec744228f353cbe736d8093
85edebb08757e2d1cf7420789ab436d26fa3c35b2d82298be97308d18106e36d
888e4712ff0502789d553131336f77d09aeff10aaef454f19f4371c0056b591e
8d18458c3d0c22a82377f114403a86aa61d0d8196e1ab6f0f28ab03e1838b1ea
8d343190ab80adf06d442d61dded2102b66cd7751108bbc96a668ae2a1e135f3
91cf59c9affe8d6ef04109c7794739625ed7576153c9065a324d413d620a426b
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9913b1edc9ad3e19ec2302eee8107f39d797e36c7992ff0ccba88ab8a9dd3f63
a086a22de4c711ca34d6ac39c8bb9c9d1a52135b1d9d509369653ff2a4359060
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a6f834025a05377e8d1a18b33a1564181e3742fd14180570a93067e6af4f65
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7203ca19b9d2b508fc7e3c4e3e7138b89fc399ee9e795ba87050308f50632d9
ac6ec3a7a55cd7263d40846f24b832f720329622316fe6260450348b678de849
b0f8f4aa0969e185d617675f4f27ae90d3f5311d6aac91ec61a6e0b2c8c78e7b
b3398d55b997378387dbbf0bc34d536fda87d3c77072e608597b53dbea77220c
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b818f415afe0a39ce1c247beb2410fd9cf7c1e6996515e1b35c5ddf63aad976c
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c5b12617ee5308b2433077af590d2c0391abcb2886c6cdb8408bc8f096d92693
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9892733718dc26f9c8f1f80cded49348f64a75fd9ecfa3a4b4c59e41f468e36
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cebba1d297e8a15f1ded58251d16810ce002fd745f2cdabe8bff5b8ddc4078db
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e72e15e51f179e02e2fc9027895456efd8478e72a7431328c567151243e34b78
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fb5a31cd696a0b56937562cfa0da570332ee75c0629454e212253fd53d2a7e8e
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.vloot.io Open in urlscan Pro 2606:4700:20::681a:a36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

70 %IPv6

24 Domains

32 Subdomains

30 IPs

4 Countries

37285 kBTransfer

41459 kBSize

16 Cookies

10 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vloot.io Open in urlscan Pro
2606:4700:20::681a:a36 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

70 %
IPv6

24
Domains

32
Subdomains

30
IPs

4
Countries

37285 kB
Transfer

41459 kB
Size

16
Cookies

99 HTTP transactions
4 data transactions