urlscan.io logo urlscan.io
SecurityTrails logo

gleam.io Open in urlscan Pro
172.66.43.179  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wn.nr/jEqSKPb
Effective URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Submission: On June 12 via manual from RS — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 49 HTTP transactions. The main IP is 172.66.43.179, located in United States and belongs to CLOUDFLARENET, US. The main domain is gleam.io. The Cisco Umbrella rank of the primary domain is 86391.
TLS certificate: Issued by GTS CA 1P5 on May 17th 2024. Valid for: 3 months.
This is the only time gleam.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.174.46.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-46-252.compute-1.amazonaws.com
wn.nr
16    172.66.43.179 (United States)

ASN13335 (CLOUDFLARENET, US)
gleam.io
js.gleam.io
2    104.18.21.100 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.fraudjs.io
2    104.18.31.181 (None, )

ASN13335 (CLOUDFLARENET, US)
widget.gleamjs.io
12    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a03:2880:f277:e2:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)
platform.linkedin.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-p.fontawesome.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:16eb (United States)

ASN13335 (CLOUDFLARENET, US)
images.gleamio.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
16 gleam.io
gleam.io — Cisco Umbrella Rank: 86391
js.gleam.io — Cisco Umbrella Rank: 100850
519 KB
15 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2072
ka-p.fontawesome.com — Cisco Umbrella Rank: 3841
360 KB
4 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1430
31 KB
3 gstatic.com
fonts.gstatic.com
115 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
89 KB
2 gleamjs.io
widget.gleamjs.io — Cisco Umbrella Rank: 113191
420 KB
2 fraudjs.io
cdn.fraudjs.io — Cisco Umbrella Rank: 281690
22 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
1 gleamio.com
images.gleamio.com — Cisco Umbrella Rank: 291479
94 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 951
7 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3751
160 KB
1 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1643
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
1 wn.nr
wn.nr — Cisco Umbrella Rank: 795589
349 B
49 15
Domain Requested by
14 ka-p.fontawesome.com kit.fontawesome.com
ka-p.fontawesome.com
10 gleam.io 3 redirects gleam.io
widget.gleamjs.io
static.cloudflareinsights.com
6 js.gleam.io gleam.io
4 platform.twitter.com gleam.io
platform.twitter.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.youtube.com gleam.io
www.youtube.com
2 connect.facebook.net gleam.io
connect.facebook.net
2 widget.gleamjs.io gleam.io
2 cdn.fraudjs.io gleam.io
1 www.facebook.com connect.facebook.net
1 images.gleamio.com gleam.io
1 static.cloudflareinsights.com gleam.io
1 platform.linkedin.com gleam.io
1 www.instagram.com gleam.io
1 fonts.googleapis.com gleam.io
1 kit.fontawesome.com gleam.io
1 wn.nr 1 redirects
49 17
Subject Issuer Validity Valid
gleam.io
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
widget.gleamjs.io
E1		 2024-05-18 -
2024-08-16		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdn.fraudjs.io
E1		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2024-03-21 -
2024-06-19		 3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-07-11 -
2024-07-10		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-21 -
2024-06-19		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
gleamio.com
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh

This page contains 4 frames:

Primary Page: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Frame ID: 5B9102285DC8250CC7266D90F81CE967
Requests: 48 HTTP requests in this frame

Frame: https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: EBE077CF60B4F576A8791A877E1F9233
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgleam.io
Frame ID: 6106CC8C5317EF3F82F238F5D4CA3E9B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=true&hideThread=true&id=1792151038310383666&lang=en&origin=https%3A%2F%2Fgleam.io%2F4ZW4i%2Flobanjica-x-vavada-bmw-f30-giveaway%3Fgsr%3D4ZW4i-ERpUWqIxIO&sessionId=d66e3f7060cace9ada42ce613706caca25d4dc86&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 6F98518C0DF807A1BF51C3F74AFC3FAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LOBANJICA x VAVADA BMW F30 GIVEAWAY

Page URL History Show full URLs

  1. https://wn.nr/jEqSKPb HTTP 301
    https://gleam.io/4ZW4i-ERpUWqIxIO HTTP 301
    https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

49
Requests

96 %
HTTPS

75 %
IPv6

15
Domains

17
Subdomains

16
IPs

3
Countries

1859 kB
Transfer

5628 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wn.nr/jEqSKPb HTTP 301
    https://gleam.io/4ZW4i-ERpUWqIxIO HTTP 301
    https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://gleam.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js HTTP 301
  • https://cdn.fraudjs.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
Request Chain 23
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lobanjica-x-vavada-bmw-f30-giveaway
gleam.io/4ZW4i/
Redirect Chain
  • https://wn.nr/jEqSKPb
  • https://gleam.io/4ZW4i-ERpUWqIxIO
  • https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
204 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e121eb9feb8b4c6663daa6db2e78ab98c045eaa4ee34035789bc3297f203c9b
Security Headers
Name Value
Content-Security-Policy object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
BYPASS
cf-ray
892820446e8b373b-FRA
content-encoding
br
content-security-policy
object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 07:28:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
g-host
meepo31
link
<https://js.gleam.io/webpack/5217.f2a6267ee903a3163770.js>; rel=preload; as=script; nopush,<https://js.gleam.io/webpack/56985.e5b28ac268652ad5ae66.js>; rel=preload; as=script; nopush,<https://js.gleam.io/webpack/upload.1466de6d49233bffa358.js>; rel=preload; as=script; nopush,<https://js.gleam.io/webpack/5217.f2a6267ee903a3163770.js>; rel=preload; as=script; nopush,<https://js.gleam.io/webpack/56985.e5b28ac268652ad5ae66.js>; rel=preload; as=script; nopush,<https://js.gleam.io/webpack/upload.1466de6d49233bffa358.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-84f985a52f943ece2fb5d8952c0cee11e6a9c01cf45a93315d7051c8abdc3c69.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js>; rel=preload; as=script; nopush,<https://gleam.io/assets/widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css>; rel=preload; as=style; nopush,<https://gleam.io/assets/w-84f985a52f943ece2fb5d8952c0cee11e6a9c01cf45a93315d7051c8abdc3c69.js>; rel=preload; as=script; nopush
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
2bf3b325-f78c-4866-a054-871db54fbe37
x-robots-tag
noindex, nofollow
x-runtime
0.051785
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
BYPASS
cf-ray
89282042bc25373b-FRA
content-security-policy
frame-ancestors 'self'; object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 07:28:46 GMT
g-host
meepo36
location
https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
0adbc704-f969-42e8-9625-177521e3a9ae
x-robots-tag
googlebot: nofollow noindex
x-runtime
0.015645
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
5217.f2a6267ee903a3163770.js
js.gleam.io/webpack/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gleam.io/webpack/5217.f2a6267ee903a3163770.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1171369048f76042f3464a4f3bf778c28bc4099d0c177ddba170f9d892c206a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 12:24:21 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
498248
etag
W/"666058f5-19005"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
89282046995a373b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
56985.e5b28ac268652ad5ae66.js
js.gleam.io/webpack/ 		98 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gleam.io/webpack/56985.e5b28ac268652ad5ae66.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91767845170c0b6e5d0c12d8eccd6cd5687847ffd2d4119d0a6fbda3e3fdaf41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 12:24:25 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
498249
etag
W/"666058f9-18699"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
892820469959373b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
upload.1466de6d49233bffa358.js
js.gleam.io/webpack/ 		1 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gleam.io/webpack/upload.1466de6d49233bffa358.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b63e4f1c847444ca65b11f32996cf907ef551ad1d6b34b357f171accfc29626
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 12:24:34 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
37895
etag
W/"66605902-40e"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
892820469956373b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css
gleam.io/assets/ 		275 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gleam.io/assets/widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1a97a0c5a0797c28125d74ac2b229dd131855766979429c059fb97f613b697
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
498331
g-host
meepo32
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Jun 2024 12:21:13 GMT
server
cloudflare
etag
W/"66605839-44c2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000
cf-ray
892820468939373b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
w-84f985a52f943ece2fb5d8952c0cee11e6a9c01cf45a93315d7051c8abdc3c69.js
gleam.io/assets/ 		1 MB
354 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gleam.io/assets/w-84f985a52f943ece2fb5d8952c0cee11e6a9c01cf45a93315d7051c8abdc3c69.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4052e3619b3acb289391dba9af4d5cbfee2c4226d95eac5a4894132d386ef792
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
441619
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 07 Jun 2024 04:42:03 GMT
server
cloudflare
etag
W/"66628f9b-121e52"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000, public
cf-ray
89282046893d373b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
cdn.fraudjs.io/assets/
Redirect Chain
  • https://gleam.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
  • https://cdn.fraudjs.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fraudjs.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Server
104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gleam.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 10:07:12 GMT
server
cloudflare
age
2961532
etag
W/"65fd5850-debd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
892820470d8b65c8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 12 Jun 2024 07:28:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=qq6w0Yn4u5s3F.uMQIqeO57uep.AwKsCGnQlN75R9hI-1718177327-1.0.1.1-tbP4.5sgDbKRw2LrWW8eyzBDiuu7wlXVxN_NMLgOFvu.qtFg9JRN3rd0AHwLOzd9H2FX7FNa9gTMO4agwfyQrZsqNeFDm22muT1DLlWHHrDSzAS4DQoqz75hnJwxrOcFdOipS64aTxBZYUekfZCDLg; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=qq6w0Yn4u5s3F.uMQIqeO57uep.AwKsCGnQlN75R9hI-1718177327-1.0.1.1-tbP4.5sgDbKRw2LrWW8eyzBDiuu7wlXVxN_NMLgOFvu.qtFg9JRN3rd0AHwLOzd9H2FX7FNa9gTMO4agwfyQrZsqNeFDm22muT1DLlWHHrDSzAS4DQoqz75hnJwxrOcFdOipS64aTxBZYUekfZCDLg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
text/html
location
https://cdn.fraudjs.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=3600
vary
Accept-Encoding
cf-ray
892820468940373b-FRA
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Wed, 12 Jun 2024 08:28:47 GMT
w-84f985a52f943ece2fb5d8952c0cee11e6a9c01cf45a93315d7051c8abdc3c69.js
widget.gleamjs.io/assets/ 		1 MB
354 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.gleamjs.io/assets/w-84f985a52f943ece2fb5d8952c0cee11e6a9c01cf45a93315d7051c8abdc3c69.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4052e3619b3acb289391dba9af4d5cbfee2c4226d95eac5a4894132d386ef792

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 04:42:07 GMT
server
cloudflare
age
441616
etag
W/"66628f9f-121e52"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
89282046dcda9c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css
widget.gleamjs.io/assets/ 		275 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.gleamjs.io/assets/widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1a97a0c5a0797c28125d74ac2b229dd131855766979429c059fb97f613b697

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 12:21:26 GMT
server
cloudflare
age
586836
etag
W/"66605846-44c2e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
g-host
meepo31
cf-ray
89282046dcd89c0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
b36c7d9009.css
kit.fontawesome.com/ 		298 B
521 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b36c7d9009.css
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb78732aa42392136f3a4293ac45f6241b7a5fbdaacc699de99491aab80485

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
93
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=300, public, stale-while-revalidate=30
cf-ray
89282046a8f31c97-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F8naXidxWd3yFxUABtPC
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
469396b425e41f947ec2419ea0a49091c6275add55093ab102b2b8a8cf885fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 07:22:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 07:28:47 GMT
fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
cdn.fraudjs.io/assets/ 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fraudjs.io/assets/fraud-36af4f062d2c4ce09f132ca09230e415986c92e2a4a547b74cdd43bbe1448864.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 10:07:12 GMT
server
cloudflare
age
2961532
etag
W/"65fd5850-debd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
892820470d8b65c8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.js
www.instagram.com/ 		57 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/embed.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f277:e2:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac26f8986fc00f82fb2be9fc4caf1650889367cc7ec4a4702004ae0a64e59df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
zstd
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 07:28:47 GMT
content-md5
WrG8YneTe4DErx72e50gTQ==
document-policy
force-load-at-top
edge-control
cache-maxage=1200s
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20575
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-debug
ZOKCvaOIi0Nv7OxtqlbgiGzLFNZHl0Ih1iChnlfyvu7im66xpTkEaQxkGhk7KzcX60tKXW06Tw/CRon5n2rv5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
47ff190fe64486754f261ae8160cc112
x-stack
www
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"fa6455db5e0a572081f3269950467f8a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(self), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 12 Jun 2024 07:48:47 GMT
logo-9b0a8f3b4338d14e3b38a1cc4559d1ea35a5812d334a80572ffd386ad7bca19b.svg
js.gleam.io/assets/ 		908 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.gleam.io/assets/logo-9b0a8f3b4338d14e3b38a1cc4559d1ea35a5812d334a80572ffd386ad7bca19b.svg
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0861a617bdc9458084d4bd5820935ca2d4a8c718f0f06b00f24e14d2a3f362b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
498317
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Mar 2024 10:07:20 GMT
server
cloudflare
etag
W/"65fd5858-38c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://js.gleam.io
cache-control
max-age=315360000, public
cf-ray
892820469954373b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
js.gleam.io/images/ 		731 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.gleam.io/images/logo.svg
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 06:00:10 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
1094
etag
W/"6662a1ea-2db"
vary
Accept-Encoding
content-type
image/svg+xml
g-host
meepo33
cf-ray
89282046d9d0373b-FRA
alt-svc
h3=":443"; ma=86400
in.js
platform.linkedin.com/ 		510 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
5b4134fc9963276fb840bb8178d62e95d0efa733909f6eeef3f364d4d60f0777
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
3011
x-cache
HIT
x-cdn-proto
HTTP2
content-length
163630
x-li-uuid
AAYaq6HGH5WWC3EcpTlFRw==
last-modified
Wed, 12 Jun 2024 06:38:36 GMT
server
ECAcc (ama/48B6)
x-li-pop
prod-lva1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-lva1
cache-control
public, max-age=3600
x-li-proto
http/1.1
accept-ranges
bytes
expires
Wed, 12 Jun 2024 07:38:36 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89282047fd50a020-FRA
pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 		672 KB
118 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kit.fontawesome.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:26:26 GMT
server
cloudflare
age
6095747
etag
"660c23a2-1d791"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820473dfa1e58-FRA
content-length
120721
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kit.fontawesome.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
age
6095747
etag
"660c23a0-1c3b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820473df51e58-FRA
content-length
7227
custom-icons.css
ka-p.fontawesome.com/assets/b36c7d9009/86036195/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/assets/b36c7d9009/86036195/custom-icons.css?token=b36c7d9009
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b36c7d9009.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368ebbb5b6e8f3e019c5afcc7d3f0e35b8b87f2df7cbb06638732490db4e5f6f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://kit.fontawesome.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 08:48:25 GMT
server
cloudflare
age
7824520
etag
W/"5458d0b86f6fdf16bcf5b4eba38d496c"
x-cache-status
MISS
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
892820474dfd1e58-FRA
all.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
371754acf2957d2c5dae2d7a3e9c3bdaddbf2d92a7c948cd1acf4c7799fe3e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 07:28:47 GMT
content-md5
Tv7baih+GtkuwjNQplpuNQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
nNqeH/MSxfNXL7V03AGBYTQS7DWnw9lpsjgXfQJio4vlef7EFuDN64NWRL5KbzVd/236tkhmBuMyhOuhPSS9UA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
dbc8f9a14edcd1dbed449f6ccd64e3ea
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"a45dd5a4808a208d73a33ca4148f59af"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 12 Jun 2024 07:38:45 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-vcF_92OZGMrj0cl46WXR0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 12 Jun 2024 07:28:47 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 23:37:47 GMT
x-content-type-options
nosniff
age
114660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Jun 2025 23:37:47 GMT
all.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=4f40002c29961fa3d3803991b9546a97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8b1151a0028740bd32cb134626911f1d9129ea59d269142781c84c278575b0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 07:28:47 GMT
content-md5
pioZAJHBRiu0BxI9z1Gpeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87066
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4317, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
uuK0ZEvIHeouyekUHScgKb3w+stcFHCQy99cV9s/lZzv3WrU8GIpsvEEOKZixgC71X5EOaFjn5hvWQlvXYRcWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
752d800008af2e60c769e830d990518d
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"bedd7226f8fad1e3dc9b14f4d69801cd"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 12 Jun 2025 05:29:39 GMT
main.js
gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame EBE0
Redirect Chain
  • https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H3
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fc9bddd174732bcc6e8022183d30d94ff5a694c5a474fc20cc7ad5700fa4c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
892820498cbf373b-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 12 Jun 2024 07:28:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
892820484b55373b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-12.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
6095564
etag
"660c297a-3878"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820499ce91c97-FRA
content-length
14456
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 07:27:20 GMT
x-content-type-options
nosniff
age
86487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 07:27:20 GMT
pro-fa-solid-900-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b40eed2a14d541eb0ec80d05d29815fa18fd71c46455fc374a47a81226e9d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
6095564
etag
"660c297a-36dc"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498cd51c97-FRA
content-length
14044
pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f976b287176178a645cb4f743ec4f3dbb7a08c31ca34c3b096e7bba425c322

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
6095564
etag
"660c297a-2ee4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498cda1c97-FRA
content-length
12004
pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:16 GMT
server
cloudflare
age
6095564
etag
"660c2974-3914"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498cdb1c97-FRA
content-length
14612
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Montserrat:500,700|Lato:400,600,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:17:36 GMT
x-content-type-options
nosniff
age
90671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 06:17:36 GMT
checkbox.png
gleam.io/images/ 		368 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gleam.io/images/checkbox.png
Requested by
Host: widget.gleamjs.io
URL: https://widget.gleamjs.io/assets/widget-classic-aa09fd3cb6b553ff160fe4469801f39272b4bac7c440d5b524927cbad3123cf0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://widget.gleamjs.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
498315
cf-polished
origFmt=png, origSize=655
content-disposition
inline; filename="checkbox.webp"
g-host
meepo36
alt-svc
h3=":443"; ma=86400
content-length
368
cf-bgj
imgq:85,h2pri
last-modified
Wed, 05 Jun 2024 12:13:26 GMT
server
cloudflare
etag
"66605666-28f"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
892820491c39373b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		99 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
pro-fa-brands-400-2.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-2.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd41a74dbd23d067837a937e780ec848cb3b163bb04615f93652ed29bec2f4fa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:13 GMT
server
cloudflare
age
6095536
etag
"660c2971-98e4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498cdc1c97-FRA
content-length
39140
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-0.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:13 GMT
server
cloudflare
age
6095564
etag
"660c2971-946c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498cde1c97-FRA
content-length
37996
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d469abd7ab918eac59368fc8546828582ac3b845b56bdeb5d3536ed82513c2e

Request headers

Referer
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:13 GMT
server
cloudflare
age
6095564
etag
"660c2971-9d0c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498ce01c97-FRA
content-length
40204
pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-1.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c380af7b011a43c1480933e7b2bb394508123d86908aa605d7c816fc2ad23a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:17 GMT
server
cloudflare
age
6095564
etag
"660c2975-423c"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498ce11c97-FRA
content-length
16956
pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-14.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7924fd2e6167be712d7efea6b2de21a7331899da86cc273461d4e40b5a522af3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
6095564
etag
"660c297a-34b0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498ce21c97-FRA
content-length
13488
pro-fa-solid-900-13.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-13.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fb457fc69058cd84b72db3a52c0ef9961aa7d18e7bab081d7f1953a7cc23dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
6095531
etag
"660c297a-37d0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498ce51c97-FRA
content-length
14288
pro-fa-solid-900-15.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-15.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec825c3d2f51af48d294a3f84bf16ce5a9c3d49a59f14b961649eb24c5480f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=b36c7d9009
Origin
https://gleam.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
6095564
etag
"660c297a-3194"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
892820498ce71c97-FRA
content-length
12692
post.jpg
images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/2177778/lJspNuUeplJZNaey/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gleamio.com/cdn-cgi/image/format=auto,metadata=none,fit=scale-down,quality=85,width=1080,onerror=redirect/https://user-assets.out.sh/user-assets/2177778/lJspNuUeplJZNaey/post.jpg
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:16eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1af404f285149a0b0362eb32c92a98417c7ec7c9edf708f6e33e83fbffe10d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
96072
cf-resized
internal=ok/h q=0 n=35+243 c=0+0 v=2024.5.3 l=96072
last-modified
Tue, 14 May 2024 21:11:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfh_gNCM1PSoXHcVPRs9mH1_KjiHlin5-dsK3_kpnHDQ:cf0fcb65d4c3f68f98a91eab7088067a"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
892820499d8718d2-FRA
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: gleam.io
URL: https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB7) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:28:47 GMT
Content-Encoding
gzip
Age
654
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6BB7)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=152351391599356&input_token&origin=1&redirect_uri=https%3A%2F%2Fgleam.io%2F4ZW4i%2Flobanjica-x-vavada-bmw-f30-giveaway%3Fgsr%3D4ZW4i-ERpUWqIxIO&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=4f40002c29961fa3d3803991b9546a97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000; preload
date
Wed, 12 Jun 2024 07:28:47 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2763, tp=-1, tpl=-1, uplat=28, ullat=0
pragma
no-cache
x-fb-debug
1+Kud8Ml1eZaz9fPhJe2G2ZMgarzdFnYyQmzfwgRBKif7NKkf2Hfj5eipufCbRzyct7CvBowv54y6ArY6DC/Qw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gleam.io
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 01:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12617
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 04:18:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Jun 2025 01:43:36 GMT
892820446e8b373b
gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EBE0 		0
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gleam.io/cdn-cgi/challenge-platform/h/g/jsd/r/892820446e8b373b
Requested by
Host: gleam.io
URL: https://gleam.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
8928204a2d69373b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 6106 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgleam.io
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gleam.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6811123
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Jun 2024 07:28:47 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B95)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
rum
gleam.io/cdn-cgi/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gleam.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gleam.io/4ZW4i/lobanjica-x-vavada-bmw-f30-giveaway?gsr=4ZW4i-ERpUWqIxIO
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://gleam.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8928204afe40373b-FRA
favicon.ico
js.gleam.io/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://js.gleam.io/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81be3fa3de6eb664203d1dbd5a7aa0bb218ecfb96c8a31c644658872b9218ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
498334
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=gu4lsBsZBBV_KUnkNmqjSFB42VqmjjDPg4dcFXW_g1M-1718177327-1.0.1.1-TcmSzWyAMCsT8tdP_YNV6qbLRAPndjXo0_6k38LQWOTJL58WpQYcY7wThkSRmfDFU1P9poW8WK0jw0ut.yKNB2_Jg8bNI3SAfvSIUSKM0kbvdOVypR1rFWHjUYSzEXAFWLpGTaO7gvt.g9XZ3FFVWQ; report-to cf-csp-endpoint
g-host
ip-172-30-0-169
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Jun 2024 12:13:26 GMT
server
cloudflare
etag
W/"66605666-3aee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=gu4lsBsZBBV_KUnkNmqjSFB42VqmjjDPg4dcFXW_g1M-1718177327-1.0.1.1-TcmSzWyAMCsT8tdP_YNV6qbLRAPndjXo0_6k38LQWOTJL58WpQYcY7wThkSRmfDFU1P9poW8WK0jw0ut.yKNB2_Jg8bNI3SAfvSIUSKM0kbvdOVypR1rFWHjUYSzEXAFWLpGTaO7gvt.g9XZ3FFVWQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
8928204b9f0f373b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
tweet.d7aeb21a88e025d2ea5f5431a103f586.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9F) /
Resource Hash
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gleam.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:28:48 GMT
Content-Encoding
gzip
Age
6834786
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2725
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (amb/6B9F)
Etag
"1836187c57e3f0873abebe6985a39f5a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
Tweet.html
platform.twitter.com/embed/ Frame 6F98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=true&hideThread=true&id=1792151038310383666&lang=en&origin=https%3A%2F%2Fgleam.io%2F4ZW4i%2Flobanjica-x-vavada-bmw-f30-giveaway%3Fgsr%3D4ZW4i-ERpUWqIxIO&sessionId=d66e3f7060cace9ada42ce613706caca25d4dc86&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B87) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gleam.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
646
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Jun 2024 07:28:48 GMT
Etag
"3798a7b6b197263df1b225665e92751a"
Last-Modified
Sat, 17 Feb 2024 00:56:45 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B87)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| fallbackToHostedFontAwesome boolean| uploadCampaign string| campaignKeyOverride string| actionMarketingAppName function| escapeStringRegexp function| tagToHashtagRegExp function| Cookies function| _getGSAP function| CSSPlugin object| cssCore function| _removeLinkedListItem function| _removeProperty function| PropTween function| _getAllStyles function| ClassNamePlugin object| LocalStorage string| TALKER_TYPE string| TALKER_ERR_TIMEOUT function| objectCreate function| defer function| Talker function| jqueryLikeOn function| withParam function| addExpid function| $ function| jQuery function| jsmd5 object| fraudService function| ClipboardJS function| elementResizeDetectorMaker object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| simulateEvent function| trackEvent function| trackPageview function| moment object| angular object| Gleam object| ifvisible object| linkify string| pageType string| pageViewOverride object| webpackChunkGleamNProdRProd function| loadImage function| dataURLtoBlob object| messageBundle string| facebookAppId object| tag object| firstScriptTag function| initYoutubeVideo function| onYouTubeIframeAPIReady object| FingerprintJS function| gleamFraudCalculator function| checkTikTokIframe object| __core-js_shared__ object| Sslac object| IN function| parseLinkedIn object| conversionTracking undefined| configPayload object| FB object| __cfBeacon function| fbAsyncInit function| fbLazyInitPost object| twttr object| __buffer object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| __twttrll object| __twttr

13 Cookies

Domain/Path Name / Value
gleam.io/ Name: PP-4ZW4i
Value: *
gleam.io/ Name: owner_token
Value: c-JDrp60H8M2fkYmnrcWxQ
gleam.io/ Name: SH-4ZW4i
Value: ERpUWqIxIO
.gleam.io/ Name: __cf_bm
Value: 8pyDAxD1ooXpta1o5CQ9L0XC4X.pFI.6lIwpUlHdXxQ-1718177326-1.0.1.1-5B5ALlGzwJpkOV4_0fgxR3Wykx1l9BuxZ2f5b74LAzZIQuQOAHnj1A418xkBWfk0BmGGHNliYyXs46fGZGcvlw
gleam.io/ Name: RL-4ZW4i
Value: https%3A%2F%2Fgleam.io%2F4ZW4i%2Flobanjica-x-vavada-bmw-f30-giveaway
gleam.io/ Name: _gfpc
Value: t
gleam.io/ Name: XSRF-TOKEN
Value: Urc7oxYuflOxqOSMBspSA_dRVpOnnNqnGKU3p9uqtBfovXxi5yosOa1NNzPIyEx41PbfINRBoeuG746QxFlC5A
gleam.io/ Name: _app_session
Value: hJTUn6WsmJ9%2BN6KbO4BhCarOrdKv1JRmHAvGuahTTwt4P8jqQn9uVN2X39t8NKvd1A1fwKRlyH8HCnpnLEvbPRY%2BI046pICJHdbKlV14ZTzZ6QBBADTU5rabClqpstFJL6wRlNL4JdOhdPa3c0%2FRD6zXiKwLy8NRAW7uMMaXUQrvmFxnMhWFkhEFwyY49bLZjgoP1k0EXV3JfCosOeeF5yRhDGSw3FwuTECAHdqZUKsVulVW6US7tj%2Fciq2ew7ORsXGedt%2BJCmgEMNshFTFpH0vhNf2a8Vl9b3chF1NXzBBRuCR0Vso8Pwcp--iZHa0JehNZ3UKT2D--zLu1wZFc6aMQgbz9Dup2DA%3D%3D
gleam.io/ Name: fpr
Value: 700505ea8733a4dcddda793391e78f95.7ec43f5f08f32c7c6e91c4ce43911123
.youtube.com/ Name: YSC
Value: mGmgIrjqnMw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: mMBUBZ33x2o
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgNw%3D%3D
.gleam.io/ Name: cf_clearance
Value: v577h2Y6fehJEnMxg5VHh6CCavK712ifFFIXamRUN20-1718177327-1.0.1.1-zDcPngGnBGrc2bodIOJwYTlW4Bttx6rylUeobldTjaM70QM7R0WWonL7J2lbLyshqJPmn2ajb75cT5X1XtKJPw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src open.spotify.com player.kick.com cdn.iframe.ly www.youtube.com player.vimeo.com w.soundcloud.com www.mixcloud.com www.kickstarter.com www.tiktok.com player.twitch.tv; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; report-uri /csp-report
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fraudjs.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gleam.io
images.gleamio.com
js.gleam.io
ka-p.fontawesome.com
kit.fontawesome.com
platform.linkedin.com
platform.twitter.com
static.cloudflareinsights.com
widget.gleamjs.io
wn.nr
www.facebook.com
www.instagram.com
www.youtube.com
104.18.21.100
104.18.31.181
172.66.43.179
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700::6810:5049
2606:4700::6812:16eb
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:811::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a03:2880:f277:e2:face:b00c:0:4420
35.174.46.252
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b
0b1af404f285149a0b0362eb32c92a98417c7ec7c9edf708f6e33e83fbffe10d
0d8d15a188469151039be73eaed0e107a54ca4f3d707a4f9fe01b330d31eda47
0f1a97a0c5a0797c28125d74ac2b229dd131855766979429c059fb97f613b697
109bfc6a43e44edea11ea5b4757d72fb70ba2dcde1245ba11d76af4eba8d8019
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1a1963f29abcd0a4ed8ed664a566f0377be8781120f7a92accf59be777ec4a3a
1d6486924f92408350df1b8220d70f9adb8884cd916795701e0b147359ec23d0
368ebbb5b6e8f3e019c5afcc7d3f0e35b8b87f2df7cbb06638732490db4e5f6f
371754acf2957d2c5dae2d7a3e9c3bdaddbf2d92a7c948cd1acf4c7799fe3e36
39f976b287176178a645cb4f743ec4f3dbb7a08c31ca34c3b096e7bba425c322
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fac56c713ab4fcebd472e6ce686909ade1212913a7169c17a6bed58a6d21b08
4052e3619b3acb289391dba9af4d5cbfee2c4226d95eac5a4894132d386ef792
469396b425e41f947ec2419ea0a49091c6275add55093ab102b2b8a8cf885fc9
5b4134fc9963276fb840bb8178d62e95d0efa733909f6eeef3f364d4d60f0777
5b63e4f1c847444ca65b11f32996cf907ef551ad1d6b34b357f171accfc29626
66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b
6e121eb9feb8b4c6663daa6db2e78ab98c045eaa4ee34035789bc3297f203c9b
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919
7924fd2e6167be712d7efea6b2de21a7331899da86cc273461d4e40b5a522af3
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109
8d469abd7ab918eac59368fc8546828582ac3b845b56bdeb5d3536ed82513c2e
91767845170c0b6e5d0c12d8eccd6cd5687847ffd2d4119d0a6fbda3e3fdaf41
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
a0861a617bdc9458084d4bd5820935ca2d4a8c718f0f06b00f24e14d2a3f362b
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
a2b40eed2a14d541eb0ec80d05d29815fa18fd71c46455fc374a47a81226e9d6
a2c380af7b011a43c1480933e7b2bb394508123d86908aa605d7c816fc2ad23a
a8eb78732aa42392136f3a4293ac45f6241b7a5fbdaacc699de99491aab80485
ac26f8986fc00f82fb2be9fc4caf1650889367cc7ec4a4702004ae0a64e59df0
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b2fc9bddd174732bcc6e8022183d30d94ff5a694c5a474fc20cc7ad5700fa4c3
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c5fb457fc69058cd84b72db3a52c0ef9961aa7d18e7bab081d7f1953a7cc23dd
c81be3fa3de6eb664203d1dbd5a7aa0bb218ecfb96c8a31c644658872b9218ea
cd41a74dbd23d067837a937e780ec848cb3b163bb04615f93652ed29bec2f4fa
cec825c3d2f51af48d294a3f84bf16ce5a9c3d49a59f14b961649eb24c5480f1
d1171369048f76042f3464a4f3bf778c28bc4099d0c177ddba170f9d892c206a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8b1151a0028740bd32cb134626911f1d9129ea59d269142781c84c278575b0f
faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318