gleam.io Open in urlscan Pro
108.170.54.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicktime.symantec.com/371haCnJ4GXzvrWvmxsMfsP7Vc?u=https%3A%2F%2Fel2.convertkit-mail.com%2Fc%2F8kundpg756sohlrmrmtk%2F...
Effective URL:
https://gleam.io/h2akS/fall-into-happiness-giveaway
Submission: On October 09 via manual (October 9th 2019, 3:04:32 am UTC) from AU

Summary HTTP 45 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 45 HTTP transactions. The main IP is 108.170.54.74, located in Phoenix, United States and belongs to SSASN2 - SECURED SERVERS LLC, US. The main domain is gleam.io.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on February 27th 2015. Valid for: 5 years.

This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.123.105.93 3.123.105.93	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	3.15.79.113 3.15.79.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	108.170.54.74 108.170.54.74	20454 (SSASN2) (SSASN2 - SECURED SERVERS LLC)
3	108.161.187.73 108.161.187.73	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
4	50.31.246.1 50.31.246.1	40509 (FLY) (FLY - Fly.io)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.32.118.11 13.32.118.11	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	108.161.187.76 108.161.187.76	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::25eb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	52.222.168.146 52.222.168.146	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
45	19

1 3.123.105.93 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-123-105-93.eu-central-1.compute.amazonaws.com

clicktime.symantec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.15.79.113 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-15-79-113.us-east-2.compute.amazonaws.com

el2.convertkit-mail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.170.54.74 (Phoenix, United States)

ASN20454 (SSASN2 - SECURED SERVERS LLC, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.161.187.73 (United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

widget.gleamjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.31.246.1 (Chicago, United States)

ASN40509 (FLY - Fly.io, Inc., US)
PTR: flyio.shw.io

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.11 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-118-11.prg50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.187.76 (United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.fraudjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::25eb (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.168.146 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-146.fra54.r.cloudfront.net

d36eyd5j1kt1m6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	twitter.com platform.twitter.com syndication.twitter.com	107 KB
8	facebook.com www.facebook.com staticxx.facebook.com	322 B
5	gstatic.com fonts.gstatic.com www.gstatic.com	135 KB
4	fontawesome.com pro.fontawesome.com	371 KB
3	google.com www.google.com	582 B
3	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d36eyd5j1kt1m6.cloudfront.net	1 MB
3	gleamjs.io widget.gleamjs.io	435 KB
2	twimg.com cdn.syndication.twimg.com pbs.twimg.com	3 KB
2	facebook.net connect.facebook.net	58 KB
2	gleam.io gleam.io	37 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	linkedin.com platform.linkedin.com	55 KB
1	fraudjs.io cdn.fraudjs.io	14 KB
1	googleapis.com fonts.googleapis.com	946 B
1	convertkit-mail.com 1 redirects el2.convertkit-mail.com	752 B
1	symantec.com 1 redirects clicktime.symantec.com	726 B
45	17

	Domain	Requested by
7	www.facebook.com	gleam.io connect.facebook.net
6	platform.twitter.com	gleam.io platform.twitter.com
4	fonts.gstatic.com	widget.gleamjs.io
4	pro.fontawesome.com	gleam.io widget.gleamjs.io
3	www.google.com	widget.gleamjs.io www.gstatic.com
3	widget.gleamjs.io	gleam.io widget.gleamjs.io
2	syndication.twitter.com	gleam.io
2	connect.facebook.net	gleam.io connect.facebook.net
2	d36eyd5j1kt1m6.cloudfront.net	gleam.io
2	gleam.io	gleam.io
1	bam.nr-data.net	js-agent.newrelic.com
1	pbs.twimg.com
1	js-agent.newrelic.com	gleam.io
1	cdn.syndication.twimg.com	platform.twitter.com
1	staticxx.facebook.com	connect.facebook.net
1	www.gstatic.com	www.google.com
1	platform.linkedin.com	gleam.io
1	cdn.fraudjs.io	gleam.io
1	d2wy8f7a9ursnm.cloudfront.net	gleam.io
1	fonts.googleapis.com	gleam.io
1	el2.convertkit-mail.com	1 redirects
1	clicktime.symantec.com	1 redirects
45	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
twitter.com
tools.google.com

Subject Issuer	Validity	Valid
*.gleam.io COMODO RSA Domain Validation Secure Server CA	`2015-02-27` - `2020-02-26`	5 years	crt.sh
widget.gleamjs.io Sectigo RSA Domain Validation Secure Server CA	`2019-09-17` - `2021-09-16`	2 years	crt.sh
pro.fontawesome.com Let's Encrypt Authority X3	`2019-09-08` - `2019-12-07`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
cdn.fraudjs.io Sectigo RSA Domain Validation Secure Server CA	`2019-09-10` - `2021-09-09`	2 years	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2018-07-11` - `2020-07-15`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://gleam.io/h2akS/fall-into-happiness-giveaway
Frame ID: 024C54D8433BF90ADD0D43CCE88D9132
Requests: 43 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=https%3A%2F%2Fgleam.io
Frame ID: 68B48EC9E1A871D427D7556EEE128AE9
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 41C64A8B268051F904A91EB1BE10F31C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3233a87c66add8%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 25A2FBDAA11C18CAD144AADAAD4CB9FE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2fbcfc245da008%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=285&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=285
Frame ID: FCEDCB1A2B93BD07AD3300C282B9A08F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df9e04664c57dd8%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 59568FB483D9EFB5028D9AD2DDCC6028
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3be70bb5f9ba78%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360
Frame ID: 798BBF4996E2589DC0D93E0AF38C22B4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqFB0TAAAAAK8i-wmo25-Fmwf6v9VBmZ90iRyj&co=aHR0cHM6Ly9nbGVhbS5pbzo0NDM.&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=normal&cb=odkdplp7j006
Frame ID: DD2F02EC0728F4F3F9382B0DACC58970
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=xw1jR43fRSpRG88iDviKn3qM&k=6LeqFB0TAAAAAK8i-wmo25-Fmwf6v9VBmZ90iRyj&cb=67v3hxvgj5nn
Frame ID: 2691B6DF9A9CC697767B56BCFDACA732
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3571e170453b0c%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=520&href=https%3A%2F%2Fwww.facebook.com%2F306719333227132%2Fposts%2F413431359222595%3Fsfns%3Dmo&locale=en_US&sdk=joey&show_text=true
Frame ID: E16D2119C255F7A7D3EC6FAC480EE1A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clicktime.symantec.com/371haCnJ4GXzvrWvmxsMfsP7Vc?u=https%3A%2F%2Fel2.convertkit-mail.com%2Fc%2F8ku... HTTP 307
https://el2.convertkit-mail.com/c/8kundpg756sohlrmrmtk/8ghqhoh3lw0qrw/aHR0cHM6Ly9nbGVhbS5pby9oMmFrUy9mYWxsLW... HTTP 302
https://gleam.io/h2akS/fall-into-happiness-giveaway Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

45
Requests

100 %
HTTPS

45 %
IPv6

17
Domains

22
Subdomains

19
IPs

4
Countries

2338 kB
Transfer

4156 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/PenandPaperRevolution/
Title: Pen & Paper Revolution

Search URL Search Domain Scan URL

URL: https://instagram.com/pen_and_paper_revolution
Title: instagram.com/pen_and_paper_revolution

Search URL Search Domain Scan URL

URL: https://instagram.com/pen_and_paper_revolution?ref=badge
Title: Visit Pen & Paper Revolution on Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/306719333227132/posts/413431359222595?sfns=mo
Title: facebook.com/306719333227132/posts/41343 ...

Search URL Search Domain Scan URL

URL: https://twitter.com/pen_revolution/status/1181543189959757824?s=20
Title: We are launching our Fall into Happiness Giveaway! Prizes include Happy Journal, Lamy Fountain Pen, and Jo Malone… t.co/VZMKTXbM9l

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1181543189959757824
Title: Retweet @pen_revolution

Search URL Search Domain Scan URL

URL: https://www.facebook.com/about/privacy
Title: https://www.facebook.com/about/privacy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/legal/terms/update
Title: https://www.facebook.com/legal/terms/update

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout
Title: https://tools.google.com/dlpage/gaoptout

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicktime.symantec.com/371haCnJ4GXzvrWvmxsMfsP7Vc?u=https%3A%2F%2Fel2.convertkit-mail.com%2Fc%2F8kundpg756sohlrmrmtk%2F8ghqhoh3lw0qrw%2FaHR0cHM6Ly9nbGVhbS5pby9oMmFrUy9mYWxsLWludG8taGFwcGluZXNzLWdpdmVhd2F5 HTTP 307
https://el2.convertkit-mail.com/c/8kundpg756sohlrmrmtk/8ghqhoh3lw0qrw/aHR0cHM6Ly9nbGVhbS5pby9oMmFrUy9mYWxsLWludG8taGFwcGluZXNzLWdpdmVhd2F5 HTTP 302
https://gleam.io/h2akS/fall-into-happiness-giveaway Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fall-into-happiness-giveaway Show response
gleam.io/h2akS/
Redirect Chain

https://clicktime.symantec.com/371haCnJ4GXzvrWvmxsMfsP7Vc?u=https%3A%2F%2Fel2.convertkit-mail.com%2Fc%2F8kundpg756sohlrmrmtk%2F8ghqhoh3lw0qrw%2FaHR0cHM6Ly9nbGVhbS5pby9oMmFrUy9mYWxsLWludG8taGFwcGluZ...
https://el2.convertkit-mail.com/c/8kundpg756sohlrmrmtk/8ghqhoh3lw0qrw/aHR0cHM6Ly9nbGVhbS5pby9oMmFrUy9mYWxsLWludG8taGFwcGluZXNzLWdpdmVhd2F5
https://gleam.io/h2akS/fall-into-happiness-giveaway

128 KB
36 KB

615ms
300ms

Document
text/html

108.170.54.74
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://gleam.io/h2akS/fall-into-happiness-giveaway

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.170.54.74 Phoenix, United States, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

39effa9bb626879621b50145c542a88d7d65a9b5606542c54df5f1d716bec4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gleam.io
:scheme: https
:path: /h2akS/fall-into-happiness-giveaway
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Wed, 09 Oct 2019 03:04:12 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-ua-compatible: IE=Edge,chrome=1
x-robots-tag: noindex, nofollow
cache-control: no-cache, no-store
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: _mkra_ctxt=0f35c85c3b91f0eaf4141047cb9678b6--200; path=/; max-age=5; HttpOnly PP-h2akS=*; path=/; expires=Wed, 09 Oct 2019 04:04:12 -0000 owner_token=kRM9ZOC2mILFdZ1rT57rNw; path=/; expires=Thu, 10 Oct 2019 03:04:12 -0000 RL-h2akS=https%3A%2F%2Fgleam.io%2Fh2akS%2Ffall-into-happiness-giveaway; path=/; expires=Thu, 10 Oct 2019 03:04:12 -0000 _gfpc=t; path=/ XSRF-TOKEN=z4qSxawrotfs1c4Cj2jZKJPZwTIYutLYccycRIrcx6byEYL%2FSp%2FJhCeaD3LNdwbIoTW3o5Onb94ggKxaMzul5w%3D%3D; path=/ _app_session=3XTaOWBpx%2B%2BBY5MyY6qnAR3FMhbsqAZJoPQLEB%2B73OU4ozEMOLi9OBhVQGLzqzHJEH7%2B1WJ4c8W8pt%2F3M0jYwdSUE%2FIhvJu4irlltM15fAG66WT3Xzt8Q1VABdKo8Ja4uqtE1hvC1WSApFr8TqxSNAKT%2FS3H8f1EG8gMhtz6P8COmgk34I9S6L2j%2BvADjubFO2RoWW34DeUp0X70MTtLKpTjZv7hAb%2F1W5IdBgGJmThHRCcXpNtSkUUADScdKwIbrhszqoj9Jx98R%2BX%2F3a9tR%2F5Y38onA%2BOLcHkIxISdzfkokzwQVuz7X7dfDuK2WICRtatzk%2Fs%3D--4WKTBeXQzvvMrZmV--ovD5Eb%2FcghMsVjqgWeAxNA%3D%3D; path=/; expires=Wed, 06 Nov 2019 03:04:12 -0000; secure; HttpOnly
x-request-id: 79899dd2-07cb-44b1-af56-f59c92961ec0
x-runtime: 0.032791
g-host: meepo8
content-encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"

Redirect headers

status: 302
date: Wed, 09 Oct 2019 03:04:12 GMT
content-type: text/html; charset=utf-8
location: https://gleam.io/h2akS/fall-into-happiness-giveaway
server: nginx/1.14.2
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache
set-cookie: XSRF-TOKEN=kx4H7tvQD0cpNIZVrOTozEAOIRiyG0rWjl7fS%2B%2B4wWxWeNqWHTIh4Ate0b5F%2FXD5SXBHNgd3cNIJDW97picKtQ%3D%3D; path=/; secure _mailapp_session=dWRncWw1ckFRN3FFK3UwMjBrNWg4ODNxcm5OLzZ6ek1oWDA4aEdacS8yNkhHRnh3RjZ6QlVMK3RRN0lmZ054Y3FTUDlDYmlqR0c1SUd4ZmExZTkzRDlqdFZ5NkpVM3E5dzV0R0hzV01PaU41YkpVOFltRzJUNGxpSEdyczJLbE5GNGdIVzQxNHpEYjNOYmhRM1pOWkJMeFJXays2d3NucTkwUnVSalNpTE9vNzBFcFIvcXBBbGpDRnAwbERVN21QLS1WNmhlMVhOcWVQMlFZSWNLZU9zd3p3PT0%3D--e5a0871f06503aef29998fda80c5961eda23316c; path=/; secure; HttpOnly
x-request-id: 7114a5c1-3801-4582-beb9-a9815166c7c6
x-runtime: 0.009754
vary: Accept-Encoding, Origin
content-encoding: gzip
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK w-d8450035c84ae7d192ef4d5c10c3eb2f5bc4032a3644ec6e456b2108f9cdf817.css
widget.gleamjs.io/assets/ 254 KB
64 KB 92ms
21ms Stylesheet
text/css 108.161.187.73
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/w-d8450035c84ae7d192ef4d5c10c3eb2f5bc4032a3644ec6e456b2108f9cdf817.css
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.187.73 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 239d9825ce23c261797e4e8581d14af9293396fa154fa357eeec03d816cdf269

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Sep 2019 14:24:04 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d8e1b84-3f9dc"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=315360000
G-Host: meepo9
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.2/css/ 153 KB
30 KB 51ms
18ms Stylesheet
text/css 50.31.246.1
Fly.io

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.2/css/all.css
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.246.1 Chicago, United States, ASN40509 (FLY - Fly.io, Inc., US),
Reverse DNS: flyio.shw.io
Software: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000) /
Resource Hash: c216b139b980f09ffe1903d9af52f16626ac0ba39eec345d63c8f6a27711bd01

Request headers

Sec-Fetch-Mode: cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:12 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache: HIT
status: 200
last-modified: Thu, 22 Aug 2019 20:14:15 GMT
content-length: 30146
fly-request-id: bQV537Ejtornuj1wxvaFLBeQ7c
server: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000)
etag: "0a3e10729341a6fb072f5f342e9721c4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 10 KB
946 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap

Requested by

Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a87c5fabd33fc33e93cdffe9266b88f5885ff0e4b1da4ae0622e8ef08d957f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 09 Oct 2019 03:04:12 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 09 Oct 2019 03:04:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 09 Oct 2019 03:04:12 GMT

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 110ms
32ms Script
application/javascript 13.32.118.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.118.11 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-118-11.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 May 2019 00:52:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 519787
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0f6f86cca5d70fbf784c9d5eab6a79a4.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: PRG50
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: 04_yJtrfQc8HdD_wcVHy_vKnP-DHQmFbmSAGFxNNh7asMmp2q4uF6A==

GET
H/1.1 200
OK w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js Show response
widget.gleamjs.io/assets/ 1 MB
371 KB 91ms
21ms Script
application/x-javascript 108.161.187.73
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.187.73 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:29:07 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d9b67d3-124a34"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fraud-631db037d5f02f6ebff13ece11da85b64555a4425f72a602beefef0a7815e01c.js Show response
cdn.fraudjs.io/assets/ 38 KB
14 KB 1246ms
975ms Script
application/x-javascript 108.161.187.76
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fraudjs.io/assets/fraud-631db037d5f02f6ebff13ece11da85b64555a4425f72a602beefef0a7815e01c.js
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.187.76 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 631db037d5f02f6ebff13ece11da85b64555a4425f72a602beefef0a7815e01c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Sep 2019 01:01:20 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d784760-9797"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=31104000
Connection: keep-alive
Expires: Sat, 03 Oct 2020 03:04:13 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 181 KB
55 KB 19ms
6ms Script
text/javascript 2a02:26f0:6c00:2bf::25eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::25eb , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Play /
Resource Hash: aab3cb9d7170290b6f2b75ad881b64eaeb219b6f5758bfea76640896748a1901

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-UUID: qiUjwnTayxVw+5b6USsAAA==
Date: Wed, 09 Oct 2019 03:04:12 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-ech2
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 55596
X-CDN: AKAM
X-Li-Fabric: prod-ltx1
Expires: Wed, 9 Oct 2019 03:44:50 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
322 B 17ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=885074175219209&ev=PageView&noscript=1

Requested by

Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 09 Oct 2019 03:04:12 GMT

GET
H/1.1 200
OK picture.jpg
d36eyd5j1kt1m6.cloudfront.net/user-assets/1376216/3n4xj5V6wMBhjET8/ 182 KB
182 KB 496ms
433ms Image
image/jpeg 52.222.168.146
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1376216/3n4xj5V6wMBhjET8/picture.jpg
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.168.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-168-146.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a4ef2a3bbd47d625baf279a187a27d260d91e72acd66a26d9e80ba2c27fa6a8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:15 GMT
Via: 1.1 3ef066dcf359ad5dbc339df978147194.cloudfront.net (CloudFront)
Last-Modified: Mon, 07 Oct 2019 15:13:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA54
ETag: "3a4b8379a050ac360f60c516ab57f66d"
X-Cache: Miss from cloudfront
x-amz-version-id: YsIHEPs9JJjRC8TthqgoygFml2fylzUK
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 186113
X-Amz-Cf-Id: ENPoxZ68_dddSzEodGUFQqIJ8qPSjDaZYRs71vYgIGh07TJtaJVb6w==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

407445c1fdd8aa01aaa6aa0f26b652da6d975975639d1e77847f5ac143f4fb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: e9cgC1LIcoK+5gu4Sr89wQ==
status: 200
content-length: 1779
etag: "8c93a8d872ce97d560b98e730d7dcb32"
x-fb-debug: DE9hBoZygkgHhDWT8PtPjGTC584kUzrHQa3JbQXsyUf3VRPXjRbY9EMuOAVX93BEkHqcbibbAgODkz7h8905XQ==
x-fb-trip-id: 344046301
x-fb-content-md5: 62acbedddb9564c0ed5d6332efd423bd
x-frame-options: DENY
date: Wed, 09 Oct 2019 03:04:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 09 Oct 2019 03:11:48 GMT

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 26ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 12:18:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 398733
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Sat, 03 Oct 2020 12:18:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 12:30:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 3422049
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sat, 29 Aug 2020 12:30:05 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.2/webfonts/ 120 KB
120 KB 24ms
23ms Font
font/woff2 50.31.246.1
Fly.io

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.2/webfonts/fa-solid-900.woff2
Requested by: Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.246.1 Chicago, United States, ASN40509 (FLY - Fly.io, Inc., US),
Reverse DNS: flyio.shw.io
Software: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000) /
Resource Hash: 741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16

Request headers

Sec-Fetch-Mode: cors
Referer: https://pro.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache: HIT
status: 200
last-modified: Thu, 22 Aug 2019 20:10:40 GMT
content-length: 122673
fly-request-id: bQV537PJEP0N5Dx2fFZrBQaj3F
server: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000)
etag: "9da86093a2d65e04263bde02923a502f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.10.2/webfonts/ 149 KB
149 KB 19ms
19ms Font
font/woff2 50.31.246.1
Fly.io

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.2/webfonts/fa-regular-400.woff2
Requested by: Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.246.1 Chicago, United States, ASN40509 (FLY - Fly.io, Inc., US),
Reverse DNS: flyio.shw.io
Software: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000) /
Resource Hash: 3474add504634a2a1995bc8f3d2d539888df184f645800ed9faf2f567e9cad0c

Request headers

Sec-Fetch-Mode: cors
Referer: https://pro.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache: HIT
status: 200
last-modified: Thu, 22 Aug 2019 20:15:47 GMT
content-length: 151920
fly-request-id: bQV537PJIHOtJZupZOPcPgKryO
server: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000)
etag: "75bfa97d821457d511efb2c85e8cf963"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Sep 2019 11:23:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 1266019
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
expires: Wed, 23 Sep 2020 11:23:55 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 21:49:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 710107
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13612
x-xss-protection: 0
expires: Tue, 29 Sep 2020 21:49:07 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 792 B
582 B 22ms
21ms Script
text/javascript 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaCallback&render=explicit

Requested by

Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

ea3b305ef31248f695ab676269e1644ab465a96af0e6c82fd8955ddcaadcb099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 487
x-xss-protection: 1; mode=block
expires: Wed, 09 Oct 2019 03:04:14 GMT

GET
H/1.1 200
OK checkbox.png
widget.gleamjs.io/images/ 655 B
1001 B 872ms
620ms Image
image/png 108.161.187.73
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.gleamjs.io/images/checkbox.png
Requested by: Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.187.73 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fd8c26db1250eb64bb2078f8b8aa3b3d006301f4fc898ba4e898f8004283f509

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://widget.gleamjs.io/assets/w-d8450035c84ae7d192ef4d5c10c3eb2f5bc4032a3644ec6e456b2108f9cdf817.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:14 GMT
Last-Modified: Wed, 18 Sep 2019 02:24:37 GMT
Server: NetDNA-cache/2.2
ETag: "5d819565-28f"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=315360000
G-Host: meepo9
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 655
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.10.2/webfonts/ 73 KB
73 KB 26ms
26ms Font
font/woff2 50.31.246.1
Fly.io

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.2/webfonts/fa-brands-400.woff2
Requested by: Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/w-605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.246.1 Chicago, United States, ASN40509 (FLY - Fly.io, Inc., US),
Reverse DNS: flyio.shw.io
Software: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000) /
Resource Hash: 433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c

Request headers

Sec-Fetch-Mode: cors
Referer: https://pro.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-cache: HIT
status: 200
last-modified: Thu, 22 Aug 2019 20:15:27 GMT
content-length: 74686
fly-request-id: bQV537QyK8YOYRRAPICt84Nqqt
server: Fly/a6b5879 (Fri, 04 Oct 2019 13:04:08 +0000)
etag: "c658415c34d6c562735029d37053bf8f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo-32x32.png
gleam.io/images/ 281 B
580 B 158ms
158ms Image
image/png 108.170.54.74
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gleam.io/images/logo-32x32.png
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.170.54.74 Phoenix, United States, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e7e99a01a5459793288e8c6d3f8ffd652d1a457592ffd3552fb625751690e4a1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:14 GMT
last-modified: Tue, 08 Oct 2019 11:39:32 GMT
server: nginx
etag: "5d9c7574-119"
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200
cache-control: max-age=315360000
g-host: meepo9
accept-ranges: bytes
content-type: image/png
content-length: 281
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1.png
d36eyd5j1kt1m6.cloudfront.net/user-assets/1376216/5ifKn9ztAueGuU0O/ 924 KB
925 KB 87ms
33ms Image
image/png 52.222.168.146
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d36eyd5j1kt1m6.cloudfront.net/user-assets/1376216/5ifKn9ztAueGuU0O/1.png
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.168.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-168-146.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e14fe1dde27afb02886f3e7cecbf64115c403d75c117ac1cc620603aea73b33d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 08 Oct 2019 12:43:02 GMT
Via: 1.1 0f820adb6671fcc6033a9aa95ec8e0fb.cloudfront.net (CloudFront)
Last-Modified: Sun, 22 Sep 2019 15:49:02 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA54
ETag: "305a0f7c2fd88056b6d32e89049ff8b3"
X-Cache: Hit from cloudfront
x-amz-version-id: _305Tte.NaHJQKCYj9bLGeuAuIgQhdfq
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 946345
X-Amz-Cf-Id: bUYvw9INXQ6IbwIYzRnfqv_NwIRGE9eK5q08rWU-gcaaSF6X2JyOgA==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 186 KB
56 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6c61764a868c99be4f7689f0c634ee2875c518bb09a360ce1d3a241bd3b5f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
Origin: https://gleam.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xR2y+j0Z7Eay1e1yXg6VJg==
status: 200
content-length: 56392
etag: "61f220453c1b7bdb4345cba0ce23f36b"
x-fb-debug: DkALiQUvoR77Oxafj/sXqHZxFsl07oU5beCcqI2RikuWev1IYLcWuRhEF4uqbk8SlXL/4OTOTwWg1N9K9dYBLA==
x-fb-trip-id: 2069546604
x-fb-content-md5: 35d0621ea4c46fc463a77088c3d6f122
x-frame-options: DENY
date: Wed, 09 Oct 2019 03:04:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 08 Oct 2020 01:33:26 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 24ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B5) /
Resource Hash: 90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:25:42 GMT
Server: ECS (fcn/40B5)
Etag: "1d8d0709ed691e2bc0472dbfc17c8abd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28700

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/ 253 KB
90 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 16:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Oct 2019 21:23:03 GMT
server: sffe
age: 39251
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92207
x-xss-protection: 0
expires: Wed, 07 Oct 2020 16:10:03 GMT

GET
H/1.1 200
OK widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html
platform.twitter.com/widgets/ Frame 68B4 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=https%3A%2F%2Fgleam.io
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Oct 2019 03:04:51 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 02 Oct 2019 20:21:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 41C6 0
0 8ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
cookie: fr=0dlIXP27hprgwMpP0..BdnU4s...1.0.BdnU4s.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Tue, 06 Oct 2020 19:46:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: mhTDv8xpquN+R/0dXLk2JGSJ3F+hWLBKNGU8FSH9jN4EWz4FJayST8aNV3A5pcaslS9bqOfcdON+/18dy282zQ==
content-length: 11773
x-fb-trip-id: 344046301
date: Wed, 09 Oct 2019 03:04:14 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 43ms
42ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2Fh2akS%2Ffall-into-happiness-giveaway&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://gleam.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: VjYqJHKwkZTx51m42ZBdjtI9HnVyI+MTpx/LZWjmm0/rv3iW93XloapmQIQ7YDo1shaGQBh61+jIFeOEc6bFnQ==
fb-s: unknown
status: 200
date: Wed, 09 Oct 2019 03:04:14 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gleam.io
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 25A2 0
0 74ms
72ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3233a87c66add8%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3233a87c66add8%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
cookie: fr=0dlIXP27hprgwMpP0..BdnU4s...1.0.BdnU4s.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: oXFHiQ7P2yt7pHRjK2EIc9AFVQrxrqHqqTZ6bBweLiyRlxTlANGyhMOXhomU+AHqt6iSa3s05cyHsK/b4i2Qyw==
date: Wed, 09 Oct 2019 03:04:14 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame FCED 0
0 76ms
76ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2fbcfc245da008%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=285&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=285

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2fbcfc245da008%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=285&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=285
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
cookie: fr=0dlIXP27hprgwMpP0..BdnU4s...1.0.BdnU4s.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: +yw97tlonq4rXSBXgc+KDMzouTXb04yPu53R66CiQISY6qSqalDF99iB1QLoF5C/8283NseEmgL5wjU3J+lkwg==
date: Wed, 09 Oct 2019 03:04:14 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 5956 0
0 79ms
79ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df9e04664c57dd8%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df9e04664c57dd8%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
cookie: fr=0dlIXP27hprgwMpP0..BdnU4s...1.0.BdnU4s.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: I7jylGbmFF4xdghutdivaze10Xygdr3KUhcD+mpSwwkYmOaK0WZ4r+Lt37iKcB7yy3XI45ujsiEGbjbOqsaR5Q==
date: Wed, 09 Oct 2019 03:04:14 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 798B 0
0 73ms
72ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3be70bb5f9ba78%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3be70bb5f9ba78%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=360&href=https%3A%2F%2Fwww.facebook.com%2FPenandPaperRevolution%2F&locale=en_US&sdk=joey&show_faces=false&width=360
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
cookie: fr=0dlIXP27hprgwMpP0..BdnU4s...1.0.BdnU4s.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 8juHW2F+8jiKwWw3PfPcNlhfWD0oucCTN4zCwDHkogSMd5FzzdiJEmzm5mciNwHkCLW/l1bRD+HelXDooonKZw==
date: Wed, 09 Oct 2019 03:04:14 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame DD2F 0
0 29ms
28ms Document
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqFB0TAAAAAK8i-wmo25-Fmwf6v9VBmZ90iRyj&co=aHR0cHM6Ly9nbGVhbS5pbzo0NDM.&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=normal&cb=odkdplp7j006

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zXkApBKIu/1tBOOany9x1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeqFB0TAAAAAK8i-wmo25-Fmwf6v9VBmZ90iRyj&co=aHR0cHM6Ly9nbGVhbS5pbzo0NDM.&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=normal&cb=odkdplp7j006
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Oct 2019 03:04:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-zXkApBKIu/1tBOOany9x1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9133
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 2691 0
0 45ms
45ms Document
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=xw1jR43fRSpRG88iDviKn3qM&k=6LeqFB0TAAAAAK8i-wmo25-Fmwf6v9VBmZ90iRyj&cb=67v3hxvgj5nn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iON1SWSEeHjtsXMSAFBGBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=xw1jR43fRSpRG88iDviKn3qM&k=6LeqFB0TAAAAAK8i-wmo25-Fmwf6v9VBmZ90iRyj&cb=67v3hxvgj5nn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Oct 2019 03:04:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-iON1SWSEeHjtsXMSAFBGBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1133
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js Show response
platform.twitter.com/js/ 24 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.ec04a6cb5ba879d0e0db41f211639fdf.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:39 GMT
Server: ECS (fcn/41AF)
Etag: "193d41dde5636e7f143422dcf5051b6d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7914

GET
H/1.1 200
OK tweet.faba1cdc1d0b60d30bd0cf4ea438c3e8.js Show response
platform.twitter.com/js/ 19 KB
7 KB 12ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.faba1cdc1d0b60d30bd0cf4ea438c3e8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash: e3bd3c0e52beccd45840994e8d0b2cba2b76869bf114b214bb6ddb35ffb02aa6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:40 GMT
Server: ECS (fcn/4196)
Etag: "a5cedc6c29ac047a7f82c28beb7e2d9a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6316

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
384 B 144ms
144ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1570590255165%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Wed, 09 Oct 2019 03:04:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 98b8f963ecd758c3eff829dfa71e6b9f
x-transaction: 00d41609005ffad8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 6 KB
2 KB 168ms
148ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1181543189959757824-ct&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0200

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

16a94959ae764d847ad71d53f8ce7f41c9c375f106cb15988903a79b3ee95c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 1676
x-xss-protection: 0
x-response-time: 125
last-modified: Wed, 09 Oct 2019 03:04:15 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: 68c7f444b80f6f306a6d2aed390e9aa1
timing-allow-origin: *
x-transaction: 00e2f84a00705869
expires: Wed, 09 Oct 2019 03:05:15 GMT

GET
H/1.1 200
OK tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ 51 KB
12 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 82362621d84dafedb468e0a04d88dcc0730114e52b6907a2e89141e7ae379aed

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:37 GMT
Server: ECS (fcn/40E3)
Etag: "98ef2a3a88ab7443920fb6114193c099+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11553

GET
H/1.1 200
OK tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
platform.twitter.com/css/ 51 KB
51 KB 7ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.9bf5093a19cec463852b31b784bf047a.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 03:04:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:37 GMT
Server: ECS (fcn/40E3)
Etag: "98ef2a3a88ab7443920fb6114193c099+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11553

GET
H2 200 nr-1130.min.js Show response
js-agent.newrelic.com/ 24 KB
10 KB 92ms
38ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1130.min.js
Requested by: Host: gleam.io
URL: https://gleam.io/h2akS/fall-into-happiness-giveaway
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:15 GMT
content-encoding: gzip
x-amz-request-id: FC2E5E9385FF35C9
x-cache: HIT
status: 200
content-length: 9407
x-amz-id-2: 3XNtuktyD4wqrPKGubF2M/YqUHo1gnfCUg2ZcA6WpCpRhqESM5LEOkXHaOHxrPCQ1vUCnpmkB8M=
x-served-by: cache-hhn4065-HHN
last-modified: Tue, 09 Jul 2019 23:52:06 GMT
server: AmazonS3
x-timer: S1570590255.430750,VS0,VE0
etag: "73f8857196b9ef7fd3b302cbc557b8ac"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5322

GET
H2 200 Ft93b5I6_normal.png
pbs.twimg.com/profile_images/1123491051816275969/ 1 KB
1 KB 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1123491051816275969/Ft93b5I6_normal.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

32361b6f79a76cb3f3033aec53e25ee9aaa203e8ae8883b86c3e2c6f24e67f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:15 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1275
x-response-time: 151
surrogate-key: profile_images profile_images/bucket/8 profile_images/1123491051816275969
last-modified: Wed, 01 May 2019 07:33:14 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 044c285a31bdeaf37821e387c504898e
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
124 B 137ms
137ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgleam.io%2Fh2akS%2Ffall-into-happiness-giveaway%22%2C%22widget_frame%22%3Afalse%2C%22item_ids%22%3A%5B%221181543189959757824%22%5D%2C%22item_details%22%3A%7B%221181543189959757824%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22unbucketed%22%3Atrue%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1570590255437%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22708eecd%3A1570046592825%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22section%22%3A%22subject%22%2C%22component%22%3A%22tweet%22%2C%22action%22%3A%22results%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 03:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Wed, 09 Oct 2019 03:04:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 98b8f963ecd758c3eff829dfa71e6b9f
x-transaction: 000102f600a36c5c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK 6fcc9884b2 Show response
bam.nr-data.net/1/ 57 B
261 B 446ms
112ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6fcc9884b2?a=4348758&v=1130.54e767a&to=Il1YFhNXCA9cRxoBXxVAXwcSFxQCXlA%3D&rst=12984&ref=https://gleam.io/h2akS/fall-into-happiness-giveaway&ap=32&be=10561&fe=12889&dc=11709&perf=%7B%22timing%22:%7B%22of%22:1570590242461,%22n%22:0,%22f%22:9814,%22dn%22:9817,%22dne%22:9817,%22c%22:9817,%22s%22:9830,%22ce%22:10131,%22rq%22:10131,%22rp%22:10431,%22rpe%22:10474,%22dl%22:10433,%22di%22:11708,%22ds%22:11708,%22de%22:11709,%22dc%22:12888,%22l%22:12888,%22le%22:12906%7D,%22navigation%22:%7B%7D%7D&fp=11689&fcp=12041&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 post.php
www.facebook.com/plugins/ Frame E16D 0
0 128ms
128ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/post.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3571e170453b0c%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=520&href=https%3A%2F%2Fwww.facebook.com%2F306719333227132%2Fposts%2F413431359222595%3Fsfns%3Dmo&locale=en_US&sdk=joey&show_text=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c993450aba0cb8e0c5fb8b93162c97e0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/post.php?app_id=152351391599356&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3571e170453b0c%26domain%3Dgleam.io%26origin%3Dhttps%253A%252F%252Fgleam.io%252Ff368b5c67a247e%26relation%3Dparent.parent&container_width=520&href=https%3A%2F%2Fwww.facebook.com%2F306719333227132%2Fposts%2F413431359222595%3Fsfns%3Dmo&locale=en_US&sdk=joey&show_text=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://gleam.io/h2akS/fall-into-happiness-giveaway
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://gleam.io/h2akS/fall-into-happiness-giveaway

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 8Jn0PK1gvtAgPvvhlPOsq0VEtxrafI61D8wA+LwAnp4AhqFrppF81DSiBPFEiglTLAkUy1SPrk43BuGsd4Gc8w==
date: Wed, 09 Oct 2019 03:04:15 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-19 06:26:06	Name: fr Value: 0dlIXP27hprgwMpP0..BdnU4s...1.0.BdnU4s.
gleam.io/	1970-01-19 04:56:49	Name: _app_session Value: 3XTaOWBpx%2B%2BBY5MyY6qnAR3FMhbsqAZJoPQLEB%2B73OU4ozEMOLi9OBhVQGLzqzHJEH7%2B1WJ4c8W8pt%2F3M0jYwdSUE%2FIhvJu4irlltM15fAG66WT3Xzt8Q1VABdKo8Ja4uqtE1hvC1WSApFr8TqxSNAKT%2FS3H8f1EG8gMhtz6P8COmgk34I9S6L2j%2BvADjubFO2RoWW34DeUp0X70MTtLKpTjZv7hAb%2F1W5IdBgGJmThHRCcXpNtSkUUADScdKwIbrhszqoj9Jx98R%2BX%2F3a9tR%2F5Y38onA%2BOLcHkIxISdzfkokzwQVuz7X7dfDuK2WICRtatzk%2Fs%3D--4WKTBeXQzvvMrZmV--ovD5Eb%2FcghMsVjqgWeAxNA%3D%3D
gleam.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: z4qSxawrotfs1c4Cj2jZKJPZwTIYutLYccycRIrcx6byEYL%2FSp%2FJhCeaD3LNdwbIoTW3o5Onb94ggKxaMzul5w%3D%3D
gleam.io/	1969-12-31 23:59:59	Name: _gfpc Value: t
gleam.io/	1970-01-19 04:17:56	Name: RL-h2akS Value: https%3A%2F%2Fgleam.io%2Fh2akS%2Ffall-into-happiness-giveaway
gleam.io/	1970-01-19 04:17:56	Name: owner_token Value: kRM9ZOC2mILFdZ1rT57rNw
gleam.io/	1970-01-19 04:16:33	Name: PP-h2akS Value: *
gleam.io/	1970-01-19 04:16:30	Name: _mkra_ctxt Value: 0f35c85c3b91f0eaf4141047cb9678b6--200

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.fraudjs.io
cdn.syndication.twimg.com
clicktime.symantec.com
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
d36eyd5j1kt1m6.cloudfront.net
el2.convertkit-mail.com
fonts.googleapis.com
fonts.gstatic.com
gleam.io
js-agent.newrelic.com
pbs.twimg.com
platform.linkedin.com
platform.twitter.com
pro.fontawesome.com
staticxx.facebook.com
syndication.twitter.com
widget.gleamjs.io
www.facebook.com
www.google.com
www.gstatic.com
104.244.42.8
108.161.187.73
108.161.187.76
108.170.54.74
13.32.118.11
151.101.114.110
162.247.242.20
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:816::2003
2a00:1450:4001:816::200a
2a00:1450:4001:820::2004
2a00:1450:4001:825::2003
2a02:26f0:6c00:2bf::25eb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.123.105.93
3.15.79.113
50.31.246.1
52.222.168.146
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
0a4ef2a3bbd47d625baf279a187a27d260d91e72acd66a26d9e80ba2c27fa6a8
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16a94959ae764d847ad71d53f8ce7f41c9c375f106cb15988903a79b3ee95c52
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
239d9825ce23c261797e4e8581d14af9293396fa154fa357eeec03d816cdf269
32361b6f79a76cb3f3033aec53e25ee9aaa203e8ae8883b86c3e2c6f24e67f13
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
3474add504634a2a1995bc8f3d2d539888df184f645800ed9faf2f567e9cad0c
39effa9bb626879621b50145c542a88d7d65a9b5606542c54df5f1d716bec4c9
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08
407445c1fdd8aa01aaa6aa0f26b652da6d975975639d1e77847f5ac143f4fb0b
433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57811344d04a892ddcd3623c551ce97f268cdf0b300e2396cac5168dbc49d425
605a1773367a04e32f3c251042c9e06c166374ff7bbd5dcf7483c2aaf772ce55
631db037d5f02f6ebff13ece11da85b64555a4425f72a602beefef0a7815e01c
6c61764a868c99be4f7689f0c634ee2875c518bb09a360ce1d3a241bd3b5f2db
6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda
741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16
82362621d84dafedb468e0a04d88dcc0730114e52b6907a2e89141e7ae379aed
90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a87c5fabd33fc33e93cdffe9266b88f5885ff0e4b1da4ae0622e8ef08d957f88
aab3cb9d7170290b6f2b75ad881b64eaeb219b6f5758bfea76640896748a1901
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c216b139b980f09ffe1903d9af52f16626ac0ba39eec345d63c8f6a27711bd01
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
e14fe1dde27afb02886f3e7cecbf64115c403d75c117ac1cc620603aea73b33d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bd3c0e52beccd45840994e8d0b2cba2b76869bf114b214bb6ddb35ffb02aa6
e7e99a01a5459793288e8c6d3f8ffd652d1a457592ffd3552fb625751690e4a1
ea3b305ef31248f695ab676269e1644ab465a96af0e6c82fd8955ddcaadcb099
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fd8c26db1250eb64bb2078f8b8aa3b3d006301f4fc898ba4e898f8004283f509

gleam.io Open in urlscan Pro 108.170.54.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

45 %IPv6

17 Domains

22 Subdomains

19 IPs

4 Countries

2338 kBTransfer

4156 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gleam.io Open in urlscan Pro
108.170.54.74 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

45 %
IPv6

17
Domains

22
Subdomains

19
IPs

4
Countries

2338 kB
Transfer

4156 kB
Size

8
Cookies

45 HTTP transactions
7 data transactions