gleam.io
Open in
urlscan Pro
172.66.43.179
Public Scan
Effective URL: https://gleam.io/VhjKk/blooming-giveaway?gsr=VhjKk-2qZMYsZhYI
Submission: On March 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-195-93.compute-1.amazonaws.com
wn.nr |
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com | |
ka-p.fontawesome.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
gleam-prod-user-assets.s3.amazonaws.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1405 ka-p.fontawesome.com — Cisco Umbrella Rank: 3225 |
510 KB |
13 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
4 KB |
13 |
gleam.io
3 redirects
gleam.io — Cisco Umbrella Rank: 71327 js.gleam.io — Cisco Umbrella Rank: 82857 |
548 KB |
2 |
gstatic.com
fonts.gstatic.com |
80 KB |
2 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 66 |
69 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
88 KB |
2 |
gleamjs.io
widget.gleamjs.io — Cisco Umbrella Rank: 109133 |
365 KB |
2 |
fraudjs.io
cdn.fraudjs.io — Cisco Umbrella Rank: 273453 |
41 KB |
1 |
amazonaws.com
gleam-prod-user-assets.s3.amazonaws.com |
216 KB |
1 |
out.sh
user-assets.out.sh — Cisco Umbrella Rank: 191750 |
597 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788 |
7 KB |
1 |
linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3531 |
160 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
2 KB |
1 |
wn.nr
1 redirects
wn.nr — Cisco Umbrella Rank: 829517 |
348 B |
60 | 14 |
Domain | Requested by | |
---|---|---|
21 | ka-p.fontawesome.com |
kit.fontawesome.com
ka-p.fontawesome.com |
13 | www.facebook.com |
connect.facebook.net
|
12 | gleam.io |
3 redirects
gleam.io
widget.gleamjs.io static.cloudflareinsights.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.youtube.com |
gleam.io
www.youtube.com |
2 | connect.facebook.net |
gleam.io
connect.facebook.net |
2 | widget.gleamjs.io |
gleam.io
|
2 | cdn.fraudjs.io |
gleam.io
|
1 | gleam-prod-user-assets.s3.amazonaws.com |
gleam.io
|
1 | user-assets.out.sh |
gleam.io
|
1 | static.cloudflareinsights.com |
gleam.io
|
1 | platform.linkedin.com |
gleam.io
|
1 | js.gleam.io |
gleam.io
|
1 | fonts.googleapis.com |
gleam.io
|
1 | kit.fontawesome.com |
gleam.io
|
1 | wn.nr | 1 redirects |
60 | 16 |
This site contains links to these domains. Also see Links.
Domain |
---|
hellcase.com |
www.reddit.com |
instagram.com |
www.facebook.com |
twitter.com |
youtube.com |
snapchat.com |
support.snapchat.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
gleam.io GTS CA 1P5 |
2024-01-19 - 2024-04-18 |
3 months | crt.sh |
widget.gleamjs.io E1 |
2024-01-21 - 2024-04-20 |
3 months | crt.sh |
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-04 - 2025-01-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
cdn.fraudjs.io E1 |
2024-01-20 - 2024-04-19 |
3 months | crt.sh |
platform.linkedin.com DigiCert SHA2 Secure Server CA |
2024-03-03 - 2024-09-03 |
6 months | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-12-20 - 2024-03-19 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
out.sh E1 |
2024-01-19 - 2024-04-18 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
*.s3.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-07-03 |
9 months | crt.sh |
This page contains 14 frames:
Primary Page:
https://gleam.io/VhjKk/blooming-giveaway?gsr=VhjKk-2qZMYsZhYI
Frame ID: A84977ABD52EFEE49C9A319EB230AEA8
Requests: 48 HTTP requests in this frame
Frame:
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 3DEE6AB8E0DF0532F79AC3B865B90236
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4383e205bc75fe00%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 688D2D4AA0ABE388ECA4535E51B771AF
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffb87010db23cff9e%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 989C6539B3F415986656E6AAA4F3D722
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0c1b06aa38d8eaf3%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 75C62B19DB36ED06C62EDE88AB192315
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfec7de8e6037a3bb7%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 84910F35B7CB8BD03F8B8E27738D8597
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfacfea8043efef3e5%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: B7388EF5A073B05A086EF8644AF69806
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc1734271f4c5b44b%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: C817DDA9EA9640810E16E02480F95E7A
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df431ee5c7ebf25a16%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: E1EC9D475B42BA6E963FFF8E5FDC74E5
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8e37e23b02e01cb6%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 5548AC0AAE8F1AAE9056453475459165
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe0d2f406b9b0f16d%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=285&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom%2F&locale=en_US&sdk=joey&show_faces=false&width=285
Frame ID: 10C9132922020834A70780FF6FB7E203
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6e20075e26407c83%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 407640B3B5B1DACAAC86A426698D2B13
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5ecf3b9ae1109da6%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 3C08AE4D8415A480CC7EFAD949AA8119
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb77871ae09e08f3%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff7b9edc4255df6059%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2Fhellcasecom&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 44AF26C2E3B9A94870DB48A9E351EE2A
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Blooming GiveawayPage URL History Show full URLs
-
https://wn.nr/FbKxFLp
HTTP 301
https://gleam.io/VhjKk-2qZMYsZhYI HTTP 301
https://gleam.io/VhjKk/blooming-giveaway?gsr=VhjKk-2qZMYsZhYI Page URL
Detected technologies
Cloudflare Browser Insights (Analytics) ExpandDetected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Linkedin (Widgets) Expand
Detected patterns
- //platform\.linkedin\.com/in\.js
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: OPEN THIS CASE
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: instagram.com/hellcaseofficial
Search URL Search Domain Scan URL
Title: Visit hellcaseofficial on Instagram
Search URL Search Domain Scan URL
Title: CS:GO Hellcase
Search URL Search Domain Scan URL
Title: twitter.com/hellcasecom
Search URL Search Domain Scan URL
Title: Follow
Search URL Search Domain Scan URL
Title: youtube.com/channel/UC9Li932hgcGYAnSetW1HTyw
Search URL Search Domain Scan URL
Title: snapchat.com/hellcasecom
Search URL Search Domain Scan URL
Title: Click here if you're not sure how to use Snapcodes
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wn.nr/FbKxFLp
HTTP 301
https://gleam.io/VhjKk-2qZMYsZhYI HTTP 301
https://gleam.io/VhjKk/blooming-giveaway?gsr=VhjKk-2qZMYsZhYI Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js HTTP 301
- https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
- https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
60 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
blooming-giveaway
gleam.io/VhjKk/ Redirect Chain
|
186 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
widget-classic-6eb5e19432081bd4a7640f37c33c9a79ab13fc6b1dfafc22e229f73795c264f9.css
gleam.io/assets/ |
257 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
w-fe398b7f00159129fe39b9388480275761fac8ac5e7823b1e35d569804c97160.js
gleam.io/assets/ |
1 MB 314 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
cdn.fraudjs.io/assets/ Redirect Chain
|
56 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w-fe398b7f00159129fe39b9388480275761fac8ac5e7823b1e35d569804c97160.js
widget.gleamjs.io/assets/ |
1 MB 314 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-classic-6eb5e19432081bd4a7640f37c33c9a79ab13fc6b1dfafc22e229f73795c264f9.css
widget.gleamjs.io/assets/ |
257 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b36c7d9009.css
kit.fontawesome.com/ |
298 B 520 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
cdn.fraudjs.io/assets/ |
56 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
upload.png
gleam.io/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1024,onerror=redirect/https://gleam-prod-user-assets.s3.amazonaws.com/user-assets/283355/1R3cmlGxMaAuXB8M/ |
3 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
js.gleam.io/images/ |
731 B 499 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.js
platform.linkedin.com/ |
510 KB 160 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ |
669 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ |
50 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom-icons.css
ka-p.fontawesome.com/assets/b36c7d9009/86036195/ |
12 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
993 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back-blooming-giveaway.jpg
user-assets.out.sh/user-assets/2152621/nxuEbGVmOVyPMpuO/ |
595 KB 597 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 3DEE Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
checkbox.png
gleam.io/images/ |
368 B 705 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
99 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
39 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-light-300-11.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-regular-400-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-2.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-regular-400-15.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-7.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-regular-400-2.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
26 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-brands-400-2.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-15.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-fa-solid-900-13.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
blooming-giveaway.jpg
gleam.io/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/2152621/ognX2BYyJwyu5gsk/ |
137 KB 137 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
screenshot-at-may-29-19-00-54.png
gleam-prod-user-assets.s3.amazonaws.com/user-assets/283355/GHneTqboTvYxMcaC/ |
215 KB 216 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
all.js
connect.facebook.net/en_US/ |
300 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/c48a9559/www-widgetapi.vflset/ |
215 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
862ef75f9c184522
gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3DEE |
0 346 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 688D |
0 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 989C |
0 193 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 75C6 |
0 191 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 8491 |
0 190 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame B738 |
0 190 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame C817 |
0 192 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame E1EC |
0 192 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 5548 |
0 190 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 10C9 |
0 192 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 4076 |
0 191 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 3C08 |
0 189 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 44AF |
0 190 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
gleam.io/cdn-cgi/ |
0 136 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| fallbackToHostedFontAwesome string| campaignKeyOverride string| actionMarketingAppName function| escapeStringRegexp function| tagToHashtagRegExp function| Cookies function| _getGSAP function| CSSPlugin object| cssCore function| _removeLinkedListItem function| _removeProperty function| PropTween function| _getAllStyles function| ClassNamePlugin object| LocalStorage string| TALKER_TYPE string| TALKER_ERR_TIMEOUT function| objectCreate function| defer function| Talker function| jqueryLikeOn function| withParam function| addExpid function| $ function| jQuery function| jsmd5 object| fraudService function| ClipboardJS function| elementResizeDetectorMaker object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| simulateEvent function| trackEvent function| trackPageview function| moment object| angular object| Gleam object| ifvisible object| linkify string| pageType string| pageViewOverride object| messageBundle string| facebookAppId object| tag object| firstScriptTag function| initYoutubeVideo function| onYouTubeIframeAPIReady object| __core-js_shared__ object| Sslac object| IN function| parseLinkedIn object| conversionTracking undefined| configPayload object| FingerprintJS function| gleamFraudCalculator object| __cfBeacon function| fbAsyncInit function| fbLazyInitPost object| FB object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| __buffer13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gleam.io/ | Name: PP-VhjKk Value: * |
|
gleam.io/ | Name: owner_token Value: PP3FD0vtdxqwbdbKD0-QYQ |
|
gleam.io/ | Name: SH-VhjKk Value: 2qZMYsZhYI |
|
.gleam.io/ | Name: __cf_bm Value: dObNZVMC46xncwHHAtGAnVQtmMsVFtCfVd8ogkMzui0-1710195988-1.0.1.1-CIlSsROha_96GHXxWx_49Z_CVT4wGru3BJacFPrgI7wSFqudNl6ViVcGPSJb_H04hr2N8Yl5Xon6S5qMQQ3HlQ |
|
gleam.io/ | Name: RL-VhjKk Value: https%3A%2F%2Fgleam.io%2FVhjKk%2Fblooming-giveaway |
|
gleam.io/ | Name: _gfpc Value: t |
|
gleam.io/ | Name: XSRF-TOKEN Value: WQIFt4FZuY8v48x3OnhDTEEY04Zgg9L00LMRNEzWFmnIReJMePnNFpMn6nJYZnLWXhUAc3Ki0La4C1zalYoWTg |
|
gleam.io/ | Name: _app_session Value: KNYUv87Co1HnHk3R55F8QXSk0CnXMSG8LFVGZDr4EIP3th%2Bt1i%2FvH8GvbBZe68wFWGRfifiF8SSjaeXo9lLMLm%2FYcFBXPOf%2BIFIVuDNls0GdqC3H3eumStFt9Qq1p8rVt3WeFwaINPC%2FoXLSZ%2BG4YjZzgfJaVTYBCMNb27hxrpzbIG2yxDo%2Fz9oc%2BVSqLYW6fhML0qoUIKN0gAvGK%2BN%2Flj%2Bae4RUYWmXPkdDCsRiaTnhBuw3UkMul2I6WjUOpyqCvOoz5Et0l3gvgdiaiGZ19YulqixMLO6irmmdDJtFFZh73B%2BatQWt4A9J--UvGqgb2tQsr0bfwu--Ly2ZGRWaJOnI%2FPTVclasTw%3D%3D |
|
gleam.io/ | Name: fpr Value: a30b661013a0f8d5b2ce6794d3272e19.5e7abd8e1d19217b7e4e25b6bd30ddea |
|
.youtube.com/ | Name: YSC Value: 5Tn5hAaCC4s |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: Gd3gaZV0ATU |
|
.youtube.com/ | Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgUg%3D%3D |
|
.gleam.io/ | Name: cf_clearance Value: 9.rCrERb2xoUiGWeMCjrGw5FLCaSs0DHnJ4SbPzK5aE-1710195990-1.0.1.1-fsJ26PjV9GjIXnKjE4kwN3EVIymyJ9TndGptAbvJFlERVAuzfEuQ3UaMHJQ1s9oGz9meLOEqN.4JhfnKAdWUcw |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.fraudjs.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gleam-prod-user-assets.s3.amazonaws.com
gleam.io
js.gleam.io
ka-p.fontawesome.com
kit.fontawesome.com
platform.linkedin.com
static.cloudflareinsights.com
user-assets.out.sh
widget.gleamjs.io
wn.nr
www.facebook.com
www.youtube.com
104.18.20.100
104.18.31.181
104.18.9.67
172.66.43.179
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700::6810:4f49
2620:1ec:bdf::45
2a00:1450:4001:801::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
54.174.195.93
54.231.129.17
0baf961db33b877a576a2fdc19629dfc6f58d1fff8a79a261e597a130910b983
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
27be57d3e25e4ff11351f4caa1775350309659a56024399f034deabebd9d8136
30c299c9aa8f74a41749466f27f3a834d0ba8a162a9eb0477d51283f4e68095e
316d0ab60d41b8dec2e086fc0704c22dc3ef695e2d4d16236e85515e1e7222c1
368ebbb5b6e8f3e019c5afcc7d3f0e35b8b87f2df7cbb06638732490db4e5f6f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
469396b425e41f947ec2419ea0a49091c6275add55093ab102b2b8a8cf885fc9
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4b13401cf2d44af1ff3b369bda81e91174a7c79f6cbff46f91cc583a78b7c014
56c15eda02cf6ba7e0d5395be0711db12448713af34cff495ce568289afdb730
5b1e3b5bdc3b32cf47b6cf93c466c6bd43878cbbce4578345a345ac29e4c0cd9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
660347e49d05d082b0bcc9156058ea15b1642b2d9df67cc503f04994c8f3bfc1
6e2205a902b3e43cb26203895ba099ee6f32ee504511785dea68f45fee2adedf
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
7473149c50d6d30a81be8d5e259975e2ea31daac7ae48872338ce42063d40f12
838a08d8321d92ad0d64da9ce7bbb3bedfbfc99f073bc0089efff0146025987e
8b2fbe94e9e99d462599f0e33e736c447a01254280f3840568df3f0d40e0c429
926ad6c1f82b9c93959d9a917e2fe2f6f86e2928a6928a8466ba54de48050916
9e407fb5bd2b9e460b37f6acc3ad65c5fb753f1ea6aecbaef61f534309e493be
a9260e9ebe3f820738c42a7f8b6244a0f52fd4d227594b759118e2de182741de
aca4dbd73acdbca407bee1704d3a11d396de341d74dbc08bb028b36b7626ea4d
aefb96f1de173386c5ecf6bb7022de12ebf515c8566f83a398e2603162578692
b8f5fbf30176a7f19df33745854710609eb9a8290a8f273a6590f020cf83f352
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c4b5ab2eac34c043db9de095dbba11790c7dfd9a1f4b5374792524115aebcf0a
d593553b6a9e850c5c64bf1e7d3c9cd3458adb17e6344573a24a66e6ef8c73e4
dc055917bb20b6042962d6e972655061a178db6b161b02c217406b62fd85c0e4
e282d2c61244dd14350f0d077a971f3c76fc79521ea8aa7ea7e6d3bca6ec8c31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb91ef2b6189fe3bb3bcbfd35f127e49b588e629ec86a9e9265462c3bd9e55
e9d7a1b1b6826f7cb12fa262c0cf58a33ded1b5df93416bcc763672373a07300
ec1941ce9e7878f195767288346eb2821e3af0e25652c0233411ff6acf2810ad
ec5463ba8fdde353e4f29f83b9521a641888e053fc2896a2fc01bca8c099b6d2
fbb385b52828130700ed063dab14c0d8d9b18f1ede284cefd9224a31e512d3f8