gleam.io
172.66.43.179
Public Scan
Effective URL: https://gleam.io/NHN3M/2000-giveaway-m9-bayonet-slaughter-sport-gloves-scarlet-shamagh
Submission: On March 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
giveaway.nikolarn.com
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
ASN15133 (EDGECAST, US)
platform.linkedin.com
ASN32934 (FACEBOOK, US)
connect.facebook.net
ASN32934 (FACEBOOK, US)
www.facebook.com
ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | twitter.com | platform.twitter.com — Cisco Umbrella Rank: 1316; syndication.twitter.com — Cisco Umbrella Rank: 1703 | 439 KB |
14 | fontawesome.com | kit.fontawesome.com — Cisco Umbrella Rank: 1430; ka-p.fontawesome.com — Cisco Umbrella Rank: 3209 | 323 KB |
11 | gleam.io (2 redirects) | gleam.io — Cisco Umbrella Rank: 70989; js.gleam.io — Cisco Umbrella Rank: 82105 | 425 KB |
8 | twimg.com | cdn.syndication.twimg.com — Cisco Umbrella Rank: 4311; abs-0.twimg.com — Cisco Umbrella Rank: 4076; pbs.twimg.com — Cisco Umbrella Rank: 1262 | 12 KB |
6 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 98 | 3 KB |
2 | out.sh | user-assets.out.sh — Cisco Umbrella Rank: 209877 | 293 KB |
2 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 65 | 69 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 177 | 88 KB |
2 | gleamjs.io | widget.gleamjs.io — Cisco Umbrella Rank: 110975 | 366 KB |
2 | fraudjs.io | cdn.fraudjs.io — Cisco Umbrella Rank: 274305 | 41 KB |
1 | gstatic.com | fonts.gstatic.com | 46 KB |
1 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 774 | 7 KB |
1 | linkedin.com | platform.linkedin.com — Cisco Umbrella Rank: 3519 | 160 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 1 KB |
1 | bit.ly (1 redirects) | bit.ly — Cisco Umbrella Rank: 6857 | 325 B |
1 | nikolarn.com (1 redirects) | giveaway.nikolarn.com | 280 B |
65 | 16 | | |
 | Domain | Requested by |
---|---|---|
13 | ka-p.fontawesome.com | kit.fontawesome.com, ka-p.fontawesome.com |
12 | platform.twitter.com | gleam.io, platform.twitter.com |
10 | gleam.io (2 redirects) | gleam.io, widget.gleamjs.io, static.cloudflareinsights.com |
6 | www.facebook.com | connect.facebook.net |
5 | abs-0.twimg.com | |
2 | pbs.twimg.com | |
2 | syndication.twitter.com | platform.twitter.com |
2 | user-assets.out.sh | gleam.io |
2 | www.youtube.com | gleam.io, www.youtube.com |
2 | connect.facebook.net | gleam.io, connect.facebook.net |
2 | widget.gleamjs.io | gleam.io |
2 | cdn.fraudjs.io | gleam.io |
1 | cdn.syndication.twimg.com | platform.twitter.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | static.cloudflareinsights.com | gleam.io |
1 | platform.linkedin.com | gleam.io |
1 | js.gleam.io | gleam.io |
1 | fonts.googleapis.com | gleam.io |
1 | kit.fontawesome.com | gleam.io |
1 | bit.ly | 1 redirects |
1 | giveaway.nikolarn.com | 1 redirects |
65 | 21 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nikolarn.com |
discord.gg |
twitter.com |
twitch.tv |
youtube.com |
instagram.com |
www.tiktok.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
gleam.io | GTS CA 1P5 | 2024-01-19 - 2024-04-18 | 3 months |
widget.gleamjs.io | E1 | 2024-01-21 - 2024-04-20 | 3 months |
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year |
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months |
cdn.fraudjs.io | E1 | 2024-01-20 - 2024-04-19 | 3 months |
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-07-11 - 2024-07-10 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-09 - 2024-03-08 | 3 months |
*.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months |
out.sh | E1 | 2024-01-19 - 2024-04-18 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months |
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-28 - 2024-07-26 | a year |
syndication.twitter.com | R3 | 2024-02-21 - 2024-05-21 | 3 months |
This page contains 9 frames:
Primary Page:
https://gleam.io/NHN3M/2000-giveaway-m9-bayonet-slaughter-sport-gloves-scarlet-shamagh
Frame ID: 5FF69C98921BC224073E094920805040
Requests: 39 HTTP requests in this frame
Frame:
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: A74B4E481CB44F4337A41033CCC5BA2F
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb6a9747fcd76325a%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Fff072d67e865a5e40%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FNikolarnFB%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 48F584CAFCE494DF2AFDFAD3491E033E
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df71182a8f50c36c8b%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Fff072d67e865a5e40%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FNikolarnFB%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 2B457BB97798BA44FC7957BFEDA04D89
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0bc18b8c948023ca%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Fff072d67e865a5e40%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FNikolarnFB%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 6C6A33A0F6A957134F385BDD378698C5
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffe335f007c5b9cd5%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Fff072d67e865a5e40%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FNikolarnFB%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 72ADE46BCC51FCECAC256A3754F4BE10
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc00de21a9933fff7%26domain%3Dgleam.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgleam.io%252Fff072d67e865a5e40%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FNikolarnFB%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: BCF2A9673A953F6DE28AEFD417D01DCB
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgleam.io
Frame ID: 139B872FBD28937112865C41335D3FFB
Requests: 2 HTTP requests in this frame
Frame:
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideCard=true&hideThread=true&id=1763366953538732123&lang=en&origin=https%3A%2F%2Fgleam.io%2FNHN3M%2F2000-giveaway-m9-bayonet-slaughter-sport-gloves-scarlet-shamagh&sessionId=958cfd0f788d53a1a1a40b6b55991198304cf052&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: D24B3DF043BF9B03B883CA46CEB817E1
Requests: 18 HTTP requests in this frame
Page Title
$2,000 GIVEAWAY! ★ M9 Bayonet | Slaughter + ★ Sport Gloves | Scarlet Shamagh!
Detected technologies
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Linkedin (Widgets)
Detected patterns
- //platform\.linkedin\.com/in\.js
Twitter (Widgets)
Detected patterns
- //platform\.twitter\.com/widgets\.js
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Join #general
Title: 🤑 The $2,000 GIVEAWAY with @skinclubmedia is LIVE! 🤑 🔴 ★ M9 Bayonet | Slaughter + ★ Sport Gloves | Scarlet Shamagh! 🎁Enter on Gleam: t.co/kDXNQTLcQn Ends on the 31st of March! 🥳 Good luck! 🎉 https://t.co/BrfIewVSLK
Title: Retweet @Nikolarn
Title: twitch.tv/Nikolarn
Title: youtube.com/channel/UCi_VsjkIy8vPMQnRMhPu9OA
Title: instagram.com/Nikolarn
Title: Visit Nikolarn on Instagram
Title: twitter.com/Nikolarn
Title: Follow
Title: https://www.tiktok.com/@NikoCasinoWins
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://giveaway.nikolarn.com/ HTTP 302
- https://bit.ly/3UYDgUk HTTP 301
- https://gleam.io/NHN3M/2000-giveaway-m9-bayonet-slaughter-sport-gloves-scarlet-shamagh Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://gleam.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js HTTP 301
- https://cdn.fraudjs.io/assets/fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js
- https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
65 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | |
---|---|---|---|---|---|---|---|---|
GET | H2 | 2000-giveaway-m9-bayonet-slaughter-sport-gloves-scarlet-shamagh | gleam.io/NHN3M/ | 153 KB | 33 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | widget-dark-3c2c9919c6cf9ee5c979d8f1cdce6285864aea98a0cf71d5de01cccbc7f0423b.css | gleam.io/assets/ | 267 KB | 53 KB | Stylesheet | text/css | |
GET | H2 | w-ffe42261e651e68c63780a4d0a72164f2762d127eab75831d3963f22cedc59c4.js | gleam.io/assets/ | 1 MB | 314 KB | Script | application/x-javascript | |
GET | H2 | fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js | cdn.fraudjs.io/assets/ | 56 KB | 20 KB | Script | application/x-javascript | Redirect Chain |
GET | H2 | w-ffe42261e651e68c63780a4d0a72164f2762d127eab75831d3963f22cedc59c4.js | widget.gleamjs.io/assets/ | 1 MB | 314 KB | Script | application/x-javascript | |
GET | H2 | widget-dark-3c2c9919c6cf9ee5c979d8f1cdce6285864aea98a0cf71d5de01cccbc7f0423b.css | widget.gleamjs.io/assets/ | 267 KB | 53 KB | Stylesheet | text/css | |
GET | H2 | b36c7d9009.css | kit.fontawesome.com/ | 298 B | 520 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | fraud-bfda9b547908b40e682000aa1ceb7334d3e9636cd08583d8747e3effc5ed8c61.js | cdn.fraudjs.io/assets/ | 56 KB | 20 KB | Script | application/x-javascript | |
GET | H2 | nikolarn_logomarkwhite.png | gleam.io/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1024,onerror=redirect/https://gleam-prod-user-assets.s3.amazonaws.com/user-assets/50184/TD8lVTYG2jgHcyOa/ | 19 KB | 20 KB | Image | image/avif | |
GET | H2 | logo.svg | js.gleam.io/images/ | 731 B | 471 B | Image | image/svg+xml | |
GET | H2 | in.js | platform.linkedin.com/ | 510 KB | 160 KB | Script | text/javascript | |
GET | H2 | v84a3a4012de94ce1a686ba8c167c359c1696973893317 | static.cloudflareinsights.com/beacon.min.js/ | 20 KB | 7 KB | Script | text/javascript | |
GET | H2 | pro.min.css | ka-p.fontawesome.com/releases/v6.5.1/css/ | 669 KB | 118 KB | Stylesheet | text/css | |
GET | H2 | pro-v5-font-face.min.css | ka-p.fontawesome.com/releases/v6.5.1/css/ | 50 KB | 7 KB | Stylesheet | text/css | |
GET | H2 | custom-icons.css | ka-p.fontawesome.com/assets/b36c7d9009/86036195/ | 12 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | all.js | connect.facebook.net/en_US/ | 3 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | iframe_api | www.youtube.com/ | 993 B | 2 KB | Script | text/javascript | |
GET | H2 | giveawaybackground.jpg | user-assets.out.sh/user-assets/50184/fbyH8IH7O5K05cnM/ | 102 KB | 103 KB | Image | image/webp | |
GET | H2 | UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | fonts.gstatic.com/s/inter/v13/ | 46 KB | 46 KB | Font | font/woff2 | |
GET | H3 | main.js | gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ | 8 KB | 4 KB | Script | application/javascript | Frame A74B, Redirect Chain |
GET | H2 | pro-fa-solid-900-1.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H2 | pro-fa-solid-900-0.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 12 KB | 12 KB | Font | font/woff2 | |
GET | H2 | pro-fa-regular-400-0.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H2 | pro-fa-solid-900-12.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 13 KB | 14 KB | Font | font/woff2 | |
GET | H2 | pro-fa-solid-900-17.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 17 KB | 17 KB | Font | font/woff2 | |
GET | H3 | checkbox.png | gleam.io/images/ | 368 B | 705 B | Image | image/webp | |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png | |
GET | H2 | pro-fa-brands-400-0.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 38 KB | 38 KB | Font | font/woff2 | |
GET | H2 | pro-fa-brands-400-1.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 39 KB | 39 KB | Font | font/woff2 | |
GET | H2 | pro-fa-regular-400-1.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 17 KB | 17 KB | Font | font/woff2 | |
GET | H2 | pro-fa-solid-900-14.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | pro-fa-solid-900-15.woff2 | ka-p.fontawesome.com/releases/v6.5.1/webfonts/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | giveawayludilicagleam.jpg | user-assets.out.sh/user-assets/50184/vhIM0yn8IpPD5Jnt/ | 189 KB | 190 KB | Image | image/webp | |
GET | H3 | all.js | connect.facebook.net/en_US/ | 300 KB | 85 KB | Script | application/x-javascript | |
GET | H/1.1 | widgets.js | platform.twitter.com/ | 91 KB | 28 KB | Script | application/javascript | |
GET | H2 | www-widgetapi.js | www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/ | 215 KB | 67 KB | Script | text/javascript | |
POST | H3 | 85d5931b1d5137d1 | gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/ | 0 | 343 B | XHR | text/plain | Frame A74B |
GET | H2 | status | www.facebook.com/x/oauth/ | 0 | 0 | Fetch | text/plain | |
GET | H2 | like.php | www.facebook.com/plugins/ | 0 | 2 KB | Document | text/html | Frame 48F5 |
GET | H2 | like.php | www.facebook.com/plugins/ | 0 | 117 B | Document | text/html | Frame 2B45 |
GET | H2 | like.php | www.facebook.com/plugins/ | 0 | 116 B | Document | text/html | Frame 6C6A |
GET | H2 | like.php | www.facebook.com/plugins/ | 0 | 118 B | Document | text/html | Frame 72AD |
GET | H2 | like.php | www.facebook.com/plugins/ | 0 | 118 B | Document | text/html | Frame BCF2 |
GET | H/1.1 | widget_iframe.2f70fb173b9000da126c79afe2098f02.html | platform.twitter.com/widgets/ | 319 KB | 104 KB | Document | text/html | Frame 139B |
GET | H2 | settings | syndication.twitter.com/ | 869 B | 659 B | Fetch | application/json | Frame 139B |
POST | H3 | rum | gleam.io/cdn-cgi/ | 0 | 136 B | XHR | text/plain | |
GET | H/1.1 | tweet.d7aeb21a88e025d2ea5f5431a103f586.js | platform.twitter.com/js/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | Tweet.html | platform.twitter.com/embed/ | 345 B | 918 B | Document | text/html | Frame D24B |
GET | H/1.1 | embed.runtime.d4fdbaa43d8afce29068.js | platform.twitter.com/embed/ | 9 KB | 5 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.9449.78398904051446294e3d.js | platform.twitter.com/embed/ | 493 KB | 160 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.Tweet.02ab0848482b3e69ec95.js | platform.twitter.com/embed/ | 30 KB | 13 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.749.467388cca0b3fe9c3291.js | platform.twitter.com/embed/ | 19 KB | 7 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.ondemand.i18n.en-js.19a28d85d7fc7916b4b1.js | platform.twitter.com/embed/ | 4 KB | 2 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js | platform.twitter.com/embed/ | 35 KB | 12 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.9203.1b3edf1dee6d205547e0.js | platform.twitter.com/embed/ | 267 KB | 83 KB | Script | application/javascript | Frame D24B |
GET | H/1.1 | embed.ondemand.Tweet.039e3350d76a41049492.js | platform.twitter.com/embed/ | 88 KB | 21 KB | Script | application/javascript | Frame D24B |
GET | H2 | tweet-result | cdn.syndication.twimg.com/ | 3 KB | 2 KB | XHR | application/json | Frame D24B |
GET | H2 | 1f911.svg | abs-0.twimg.com/emoji/v2/svg/ | 2 KB | 1 KB | Image | image/svg+xml | Frame D24B |
GET | H2 | 1f534.svg | abs-0.twimg.com/emoji/v2/svg/ | 113 B | 299 B | Image | image/svg+xml | Frame D24B |
GET | H2 | 1f381.svg | abs-0.twimg.com/emoji/v2/svg/ | 656 B | 785 B | Image | image/svg+xml | Frame D24B |
GET | H2 | 1f973.svg | abs-0.twimg.com/emoji/v2/svg/ | 2 KB | 1 KB | Image | image/svg+xml | Frame D24B |
GET | H2 | 1f389.svg | abs-0.twimg.com/emoji/v2/svg/ | 3 KB | 1 KB | Image | image/svg+xml | Frame D24B |
GET | H2 | embeds | syndication.twitter.com/i/jot/ | 43 B | 150 B | Image | image/gif | Frame D24B |
GET | H2 | 7HBjmmTs_normal.jpg | pbs.twimg.com/profile_images/1654138382270726147/ | 2 KB | 3 KB | Image | image/jpeg | Frame D24B |
GET | H2 | 7HBjmmTs_normal.jpg | pbs.twimg.com/profile_images/1654138382270726147/ | 2 KB | 2 KB | Image | image/jpeg | Frame D24B |
123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| fallbackToHostedFontAwesome string| campaignKeyOverride string| actionMarketingAppName function| escapeStringRegexp function| tagToHashtagRegExp function| Cookies function| _getGSAP function| CSSPlugin object| cssCore function| _removeLinkedListItem function| _removeProperty function| PropTween function| _getAllStyles function| ClassNamePlugin object| LocalStorage string| TALKER_TYPE string| TALKER_ERR_TIMEOUT function| objectCreate function| defer function| Talker function| jqueryLikeOn function| withParam function| addExpid function| $ function| jQuery function| jsmd5 object| fraudService function| ClipboardJS function| elementResizeDetectorMaker object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| simulateEvent function| trackEvent function| trackPageview function| moment object| angular object| Gleam object| ifvisible object| linkify string| pageType string| pageViewOverride object| messageBundle string| facebookAppId object| tag object| firstScriptTag function| initYoutubeVideo function| onYouTubeIframeAPIReady function| checkTikTokIframe object| __core-js_shared__ object| Sslac object| IN object| FingerprintJS function| gleamFraudCalculator function| parseLinkedIn object| conversionTracking undefined| configPayload object| __cfBeacon function| fbAsyncInit function| fbLazyInitPost object| FB object| twttr object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| __buffer object| 
__twttrll object| __twttr object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_
12 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values with the request, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bit.ly/ | | Name: _bit Value: o21248-0f67b2cb1cdb87904a-00n |
gleam.io/ | | Name: PP-NHN3M Value: * |
gleam.io/ | | Name: owner_token Value: 6zmco2HPf4L5r6XNweQZbA |
gleam.io/ | | Name: RL-NHN3M Value: https%3A%2F%2Fgleam.io%2FNHN3M%2F2000-giveaway-m9-bayonet-slaughter-sport-gloves-scarlet-shamagh |
gleam.io/ | | Name: _gfpc Value: t |
gleam.io/ | | Name: XSRF-TOKEN Value: Qqpo1lbvPlBW85SMvzqe9Y-FK3M9n2Dvr3oIImZiEezav13vWWSqbM-oVvXOyiblzWClIXqKxxsFSQUo_DWg_g |
gleam.io/ | | Name: _app_session Value: Nlht%2BBTfiFFe408CU3XPKAslT4XFGFGiCAxX24Tu1x%2F%2FS6qnl4hGQLH1ppraBU5RtufwBO%2F%2B9pmYREAyioqxNalsSGpRlTAGbT2H4fB9cmktnuADKuDSfSDMyk2Rxyy3J0mjIANEDSPmXc4lJu7ryszzMeM0fvWsjHYpa6E%2FIL7dmUwKyLSx%2F3h8RT%2Bu8IobrpkEBa8apVdUXB8gc0B49bPADb09Qvob8VPhOJYY%2FjGMoYpYcFEXJeL0j%2Bs335u8ew1jDW4GmlRGrpbq3ulgEDNu1afgLlMHW1P3pSpS4vjA7GNlwTmebwNu--MMrRZOtzSDBIER8O--9PyBYZOBvWB%2BFmBkJkD64g%3D%3D |
.gleam.io/ | | Name: __cf_bm Value: 9kdM5FDZgS9anB6Rx6S1iI1xhjgHdZIVchf03tEiVuc-1709258649-1.0-AWfKAqfKL6dshCYg4qwnGmf/e4PHmm6+b907Lz1wYnluzyPY4urKbyizywmdLT+TwPCbeiZCaA92g2tV65zo+5Q= |
gleam.io/ | | Name: fpr Value: 7e0eb59faed0dd87dda7f54f978ca628.eb6c05c61efb42bbbc6d4441b88d71a0 |
.youtube.com/ | | Name: YSC Value: kX6Ptk37PVw |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: 5mHoCcUdz90 |
.gleam.io/ | | Name: cf_clearance Value: wqSJ6Ocs0xq_G0w3pd4Eg97y_OcuxQPm7ar83xPYl8c-1709258650-1.0-AY/TWVKn5g9mNZc8KD0si3m/okffVJaAe01f2dQcD6Luw+/mtksh4E1yQJNXohF0EoxDgp6PuycQcGMUSR3ZwFc= |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | object-src www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.