ke.mpesaken.gifts Open in urlscan Pro
198.54.116.12  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://safproms.gifts/8d4cbfo Page URL
2. https://ke.mpesaken.gifts/vps6x9l Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	8d4cbfo Show response safproms.gifts/	2 KB 914 B	492ms 154ms	Document text/html	162.0.235.4 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safproms.gifts/8d4cbfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.4 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server292-2.web-hosting.com Software LiteSpeed / Resource Hash b8ecdfce2df5b4fee0472f711f50e050a8501b31c5c6b34688f852a97c92453d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 784 content-encoding gzip vary Accept-Encoding date Thu, 23 Dec 2021 13:26:56 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	404	Primary Request vps6x9l Show response ke.mpesaken.gifts/	66 KB 14 KB	668ms 292ms	Document text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ke.mpesaken.gifts/vps6x9l Requested by Host: safproms.gifts URL: https://safproms.gifts/8d4cbfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 0f776291468675488641be94472564b2e03dabc2c439c051278a2cda7bda7ce0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://safproms.gifts/ Response headers content-type text/html content-length 14325 content-encoding gzip vary Accept-Encoding date Thu, 23 Dec 2021 13:26:57 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	57ms 40ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ke.mpesaken.gifts/ Origin https://ke.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617, 617, 617 age 1700482 cdn-cachedat 2021-06-08 21:21:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:59 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 5ba1d09ce60a06bd2376382787de941e cf-ray 6c21ecb318424e32-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	1 KB 936 B	40ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cairo&display=swap Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7b4b0ee71a5b08051bd06a726997315889a2fb2e944b2ccd323d455aeefa5d16 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 23 Dec 2021 13:26:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 23 Dec 2021 13:26:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Dec 2021 13:26:57 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	31ms 8ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 21 Dec 2021 11:42:33 GMT content-encoding gzip x-content-type-options nosniff age 179064 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Dec 2022 11:42:33 GMT
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/	80 KB 15 KB	37ms 14ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://ke.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 218251 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 14374 timing-allow-origin * last-modified Tue, 21 Sep 2021 07:01:54 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61498362-3826" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYCTL7niUdYtDlQx3lkvLvnAonF8LUrSUv%2FrsOaVxLGSJxKP31YSC6r42mB%2BPSJdLX%2FFDAat8T03pyDbdWZ8xya3K6Wpygt%2BHl3c6dvZJaw7fZuFQgb%2FMme6%2B%2BLgIXm%2BOgeEHGGGWDsWbM6i8Cg2bfwG"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6c21ecb319a56973-FRA expires Tue, 13 Dec 2022 13:26:57 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 583 B	37ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 23 Dec 2021 12:27:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 23 Dec 2021 13:26:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Dec 2021 13:26:57 GMT
GET H2	200	CUN5lgs.png i.imgur.com/	62 KB 62 KB	34ms 7ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/CUN5lgs.png Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 82885afcc2e2041cc0bd59eb6551859107165126b2cb0b89fc6ed9c1f484a8e3 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 4259070 x-cache HIT, HIT content-length 63406 x-served-by cache-bwi5135-BWI, cache-fra19157-FRA last-modified Thu, 30 Sep 2021 10:35:55 GMT server cat factory 1.0 x-timer S1640266018.828298,VS0,VE1 etag "c0ed864d9176a4295a0f8d90b0ba097f" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	XDksoVa.png i.imgur.com/	250 KB 250 KB	32ms 23ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/XDksoVa.png Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 5bb505919c390a51598036b1e5691ea2ff28cc3babc2475204ad7058734f8af2 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 4854741 x-cache HIT, HIT content-length 255954 x-served-by cache-bwi5130-BWI, cache-fra19157-FRA last-modified Thu, 30 Sep 2021 17:55:12 GMT server cat factory 1.0 x-timer S1640266018.828964,VS0,VE1 etag "f2721b7d7672c52b477ee9152b388622" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 390, 1
GET H2	200	ouJgS71.gif i.imgur.com/	49 KB 49 KB	44ms 42ms	Image image/gif	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/ouJgS71.gif Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 2531693 x-cache HIT, HIT content-length 50336 x-served-by cache-bwi5138-BWI, cache-fra19157-FRA last-modified Thu, 22 Oct 2020 22:51:11 GMT server cat factory 1.0 x-timer S1640266018.832302,VS0,VE1 etag "74581d7f057a8880cbf459921bd8bbc9" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1249
GET H2	200	z4Wdyix.jpg i.imgur.com/	25 KB 25 KB	54ms 52ms	Image image/jpeg	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/z4Wdyix.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 6b49f8fa3c9496523f289e71501541f4917117a4416c067a74366cc18d327b46 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 2013364 x-cache HIT, HIT content-length 25872 x-served-by cache-bwi5173-BWI, cache-fra19157-FRA last-modified Thu, 30 Sep 2021 11:03:41 GMT server cat factory 1.0 x-timer S1640266018.832585,VS0,VE1 etag "f38390ed923eba244532e4f28c009ec1" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	kNovlqO.jpg i.imgur.com/	24 KB 24 KB	43ms 41ms	Image image/jpeg	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/kNovlqO.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 60163ceba06c0fb67f3898558b9b7e8f0bcb654912c1a76e19ed4b22cd6ea2e5 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 1834298 x-cache HIT, HIT content-length 24189 x-served-by cache-bwi5180-BWI, cache-fra19157-FRA last-modified Fri, 23 Oct 2020 15:41:06 GMT server cat factory 1.0 x-timer S1640266018.832643,VS0,VE0 etag "6089ea987842c523ccf26ffbf6481b99" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	uX9vrSN.jpg i.imgur.com/	28 KB 29 KB	44ms 42ms	Image image/jpeg	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/uX9vrSN.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c0b90a38d57e425c78b77701e9a6be73194f05b00b6df348eaa3e1465d1614b2 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 3655035 x-cache HIT, HIT content-length 29102 x-served-by cache-bwi5150-BWI, cache-fra19157-FRA last-modified Fri, 23 Oct 2020 15:40:58 GMT server cat factory 1.0 x-timer S1640266018.832708,VS0,VE0 etag "e85fdf6a6c4a4eee92d725b715dfe8f8" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	jdqoSTy.png i.imgur.com/	12 KB 12 KB	44ms 43ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/jdqoSTy.png Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 9f0a40b05f1980c6af2ecef8e637275e50b24f441300a43b8858a61737723088 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 1926123 x-cache HIT, HIT content-length 12559 x-served-by cache-bwi5168-BWI, cache-fra19157-FRA last-modified Fri, 23 Oct 2020 15:42:24 GMT server cat factory 1.0 x-timer S1640266018.832781,VS0,VE0 etag "6db8746de42153bc0c879e14204fce42" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	twwr.jpg 1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/	9 KB 9 KB	39ms 7ms	Image image/jpeg	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/twwr.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 4aa7af1442f6f006f5fc0cc0550ce8d2246d4ec52f8c6dfc00de75702d878ee4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 09:35:31 GMT x-content-type-options nosniff age 13886 content-disposition inline;filename="twwr.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9006 x-xss-protection 0 server fife etag "v775" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 04 Dec 2021 14:00:21 GMT
GET H2	200	aP4hWCC.jpg i.imgur.com/	123 KB 123 KB	44ms 42ms	Image image/jpeg	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/aP4hWCC.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash eaf8234ca8c7fff8fce1a268275806efb63012087837263f2d6f5a0ae17e1973 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 3050366 x-cache HIT, HIT content-length 125739 x-served-by cache-bwi5155-BWI, cache-fra19157-FRA last-modified Sun, 06 Jun 2021 23:24:02 GMT server cat factory 1.0 x-timer S1640266018.832863,VS0,VE0 etag "6f0c876a20cf7ee9ffc598c55b8813e0" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	ettte.jpg 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/	34 KB 34 KB	40ms 8ms	Image image/jpeg	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 09:35:31 GMT x-content-type-options nosniff age 13886 content-disposition inline;filename="ettte.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35100 x-xss-protection 0 server fife etag "v771" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 18 Dec 2021 19:56:38 GMT
GET H2	200	lz7ilfE.jpg i.imgur.com/	178 KB 178 KB	55ms 54ms	Image image/jpeg	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/lz7ilfE.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash b5395e4a225c849aee7a44c7ba55bfa603228758d38bd680f9c6c3059d231998 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 2608333 x-cache HIT, HIT x-amz-storage-class STANDARD_IA content-length 182298 x-served-by cache-bwi5157-BWI, cache-fra19157-FRA last-modified Mon, 31 May 2021 22:45:36 GMT server cat factory 1.0 x-timer S1640266018.833178,VS0,VE1 etag "9b584dc15feadafc867facb8ee23bcde" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	uMlXz9m.png i.imgur.com/	74 KB 74 KB	54ms 53ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/uMlXz9m.png Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash df256b03cb313a930810440c59b9ee68f6100e4ff6a2e2561e9b48b4b885c05d Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 1840603 x-cache HIT, HIT content-length 75281 x-served-by cache-bwi5180-BWI, cache-fra19157-FRA last-modified Thu, 30 Sep 2021 11:40:00 GMT server cat factory 1.0 x-timer S1640266018.833241,VS0,VE1 etag "e2d3210347f39b0cfced437f2247c124" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 165, 1
GET H2	200	gy.jpg 1.bp.blogspot.com/-8b8Dz7vkxYA/YKKfcPgq6MI/AAAAAAAAB3c/FfLq7idbQLoDLcNVA1aU7NOvOK-LGyPtACLcBGAsYHQ/s200/	14 KB 14 KB	48ms 17ms	Image image/jpeg	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-8b8Dz7vkxYA/YKKfcPgq6MI/AAAAAAAAB3c/FfLq7idbQLoDLcNVA1aU7NOvOK-LGyPtACLcBGAsYHQ/s200/gy.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9c8422d5613999e44fd77a0d46e2161faf8de4fd967265da030323f0b1b48eea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 09:35:31 GMT x-content-type-options nosniff age 13886 content-disposition inline;filename="gy.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14341 x-xss-protection 0 server fife etag "v779" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 06 Nov 2021 00:45:12 GMT
GET H2	200	AIcpwae.jpg i.imgur.com/	34 KB 34 KB	53ms 52ms	Image image/jpeg	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/AIcpwae.jpg Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash ccd057614298e00b5b7a8e8fd626e033e1dd611fa7b024b49f7afc0513ef580b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff age 4259066 x-cache HIT, HIT content-length 34667 x-served-by cache-bwi5129-BWI, cache-fra19157-FRA last-modified Fri, 11 Jun 2021 22:08:24 GMT server cat factory 1.0 x-timer S1640266018.833281,VS0,VE0 etag "fe94a01bbd1ef724fa9a792fa45387f6" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	micro.tag.min.js Show response choogeet.net/pfe/current/	104 KB 40 KB	64ms 13ms	Script application/javascript	139.45.197.252 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b993c198b83498973baf062a0ba6265416352b6f755856b1071770482d0f736f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Thu, 23 Dec 2021 13:26:49 GMT content-encoding gzip last-modified Tue, 21 Dec 2021 09:37:56 GMT server nginx etag W/"61c1a074-1a164" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H2	404	yuming.js Show response ke.mpesaken.gifts/	66 KB 14 KB	152ms 151ms	XHR text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ke.mpesaken.gifts/yuming.js?1640266017860&_=1640266017823 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 0f776291468675488641be94472564b2e03dabc2c439c051278a2cda7bda7ce0 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://ke.mpesaken.gifts/vps6x9l X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14325 vary Accept-Encoding content-type text/html
GET H/1.1	200 OK	verify.js Show response owo-owo.vip/	320 B 785 B	102ms 20ms	Script text/javascript	185.53.177.53 TEAMINTERNET-AS
General Check archive.org Show headers Download Go to Full URL https://owo-owo.vip/verify.js?_=1640266017824 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE), Reverse DNS Software nginx / Resource Hash 334e94b518501cbee3bd657a6891e98686dadb86fe40a4871b219f55ba8f3372 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Accept-Ch viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Date Thu, 23 Dec 2021 13:26:57 GMT X-Language german Server nginx Content-Length 320 Accept-Ch-Lifetime 30 Content-Type text/javascript;charset=UTF-8
GET		total.php c1oud1are.com/record/	0 0
GET		total.php c1oud1are.com/record/	0 0
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	68ms 9ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:22:19 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.120.0/27 etag "-375139978" x-cacheable Matched cache content-type text/javascript x-cdn-pop sbg accept-ranges bytes content-length 4364 x-request-id 127537169
GET H2	404	like.png ke.mpesaken.gifts/img/f/	64 KB 64 KB	284ms 282ms	Image text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ke.mpesaken.gifts/img/f/like.png Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 780ab616be7da9c0bad2a120339db6b06919893b11c9ed7d8a0c2597ae6a09f9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/vps6x9l User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14325 vary Accept-Encoding content-type text/html
GET H2	404	bubble.png ke.mpesaken.gifts/img/f/	64 KB 64 KB	425ms 424ms	Image text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ke.mpesaken.gifts/img/f/bubble.png Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 780ab616be7da9c0bad2a120339db6b06919893b11c9ed7d8a0c2597ae6a09f9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/vps6x9l User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14325 vary Accept-Encoding content-type text/html
GET H2	404	Tahoma-Bold.ttf ke.mpesaken.gifts/fonts/	0 0	426ms 425ms	Font text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ke.mpesaken.gifts/fonts/Tahoma-Bold.ttf Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash Request headers Referer https://ke.mpesaken.gifts/vps6x9l Origin https://ke.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14325 vary Accept-Encoding content-type text/html
GET H2	200	fa-regular-400.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/	23 KB 23 KB	16ms 15ms	Font application/octet-stream	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea05e6c716c1e72e7aab7abde872bd5dd45acf4142bd4ad198ebfc74989b0880 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css Origin https://ke.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3867541 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 23456 timing-allow-origin * last-modified Tue, 21 Sep 2021 07:01:54 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61498362-5ba0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh7A8ZcZmY4rUcyFD%2FD%2Bmxj4M6i5pwXgD%2BtMrxl%2F6FdiYWXnyg3XPE8u6%2B9MOliRks6nVPcogHzJSH6OLDeWZOyKkNrWghEAi6CR5jh6%2ByQ5lKoL7351JYJt%2FeGO1T6O3swrmAO4PhMZhN0xzRbeCJhb"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6c21ecb3bb6e6973-FRA expires Tue, 13 Dec 2022 13:26:57 GMT
GET H2	404	Tahoma.ttf ke.mpesaken.gifts/fonts/	0 0	427ms 426ms	Font text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ke.mpesaken.gifts/fonts/Tahoma.ttf Requested by Host: ke.mpesaken.gifts URL: https://ke.mpesaken.gifts/vps6x9l Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash Request headers Referer https://ke.mpesaken.gifts/vps6x9l Origin https://ke.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:57 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14325 vary Accept-Encoding content-type text/html
POST H2	200	zone choogeet.net/	0 253 B	13ms 13ms	Ping text/plain	139.45.197.252 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/zone?&pub=0&zone_id=4307628&is_mobile=false&domain=ke.mpesaken.gifts&var=&ymid=&var_3=&dsig=&action=prerequest Requested by Host: choogeet.net URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://ke.mpesaken.gifts/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-trace-id ff65965d6e8de9c3abea5eccda903946 date Thu, 23 Dec 2021 13:26:49 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-origin https://ke.mpesaken.gifts access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	51 B 185 B	298ms 97ms	Script text/html	198.27.80.143 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4590856&@f16&@g1&@h1&@i1&@j1640266017971&@k0&@l1&@mSafaricom%20Mpesa%20Gifts!&@n0&@ohttps%3A%2F%2Fsafproms.gifts%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:189902819&@b3:1640266018&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fke.mpesaken.gifts%2Fvps6x9l&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.27.80.143 , Canada, ASN16276 (OVH, FR), Reverse DNS ns558056.ip-198-27-80.net Software / Resource Hash f8374a257614885fe6ddf3f7c63c86dcd69d9f3bfb9b9c7c62cd730e32429e3f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Thu, 23 Dec 2021 13:26:58 GMT Connection close Content-Length 51 Content-Type text/html;charset=UTF-8
GET H2	200	gid.js Show response my.rtmark.net/	65 B 545 B	51ms 18ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4307628&checkDuplicate=true&ymid=&var= Requested by Host: choogeet.net URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 98870b6bd2401fbab529d656dffe304bd9ff18652a1032696263a8c10b30c63b Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 13:26:58 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://ke.mpesaken.gifts access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone Show response choogeet.net/	694 B 983 B	38ms 14ms	Fetch application/json	139.45.197.252 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/zone?&pub=0&zone_id=4307628&is_mobile=false&domain=ke.mpesaken.gifts&var=&ymid=&var_3=&dsig=&action=settings Requested by Host: choogeet.net URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash bbac1b6d051cf765cf59a36fd3a731cb7754fbc11586a42074c7397eee603187 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ke.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-trace-id da59454ee56b2d8e33a05cb38c56b9c2 date Thu, 23 Dec 2021 13:26:58 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 content-type application/json; charset=utf-8 access-control-allow-origin https://ke.mpesaken.gifts access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 694

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

c1oud1are.com

URL

https://c1oud1are.com/record/total.php?ac=total&name=null&_=1640266017825

Domain

c1oud1are.com

URL

https://c1oud1are.com/record/total.php?ac=total&name=50&_=1640266017826

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| timer_start string| redirectURL string| WhatsApp_share_message string| Share_link string| alert_text number| total number| ii number| iy function| hidepop function| incrementValue1 function| incrementValue_i boolean| spin2enabled number| ob string| _0xodL object| _0x44bf function| _0x17b0 function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| lasthtml function| dapp function| dappp function| record string| j string| randomcode string| klast string| banner string| dl object| _Hasync object| ntfcSDK object| zfgformats function| chfh function| chfh2 string| _HST_cntval object| Histats number| _popwnd function| _popwnd_open object| _HistatsCounterGraphics_0_setValues

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ke.mpesaken.gifts/	1970-01-19 23:37:46	Name: null Value: null
			ke.mpesaken.gifts/	1970-01-19 23:37:46	Name: 50 Value: 50
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstCfa4590856 Value: 1640266017971
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstCla4590856 Value: 1640266017971
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstCmu4590856 Value: 1640266017971
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstPn4590856 Value: 1
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstPt4590856 Value: 1
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstCnv4590856 Value: 1
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: HstCns4590856 Value: 1
			ke.mpesaken.gifts/	1970-01-20 08:23:22	Name: c_ref_4590856 Value: https%3A%2F%2Fsafproms.gifts%2F
			my.rtmark.net/	1970-01-20 08:23:22	Name: ID Value: 9b1ec9de34d74e7fa7d312a6971e2942

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://safproms.gifts/8d4cbfo Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ke.mpesaken.gifts/vps6x9l Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ke.mpesaken.gifts/yuming.js?1640266017860&_=1640266017823 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ke.mpesaken.gifts/img/f/like.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ke.mpesaken.gifts/img/f/bubble.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ke.mpesaken.gifts/fonts/Tahoma-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ke.mpesaken.gifts/fonts/Tahoma.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
c1oud1are.com
cdnjs.cloudflare.com
choogeet.net
fonts.googleapis.com
i.imgur.com
ke.mpesaken.gifts
maxcdn.bootstrapcdn.com
my.rtmark.net
owo-owo.vip
s10.histats.com
s4.histats.com
safproms.gifts
c1oud1are.com
139.45.195.8
139.45.197.252
151.101.12.193
162.0.235.4
185.53.177.53
198.27.80.143
198.54.116.12
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:82b::200a
46.105.201.240
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0f776291468675488641be94472564b2e03dabc2c439c051278a2cda7bda7ce0
2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
334e94b518501cbee3bd657a6891e98686dadb86fe40a4871b219f55ba8f3372
4aa7af1442f6f006f5fc0cc0550ce8d2246d4ec52f8c6dfc00de75702d878ee4
5bb505919c390a51598036b1e5691ea2ff28cc3babc2475204ad7058734f8af2
60163ceba06c0fb67f3898558b9b7e8f0bcb654912c1a76e19ed4b22cd6ea2e5
6b49f8fa3c9496523f289e71501541f4917117a4416c067a74366cc18d327b46
6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395
780ab616be7da9c0bad2a120339db6b06919893b11c9ed7d8a0c2597ae6a09f9
7b4b0ee71a5b08051bd06a726997315889a2fb2e944b2ccd323d455aeefa5d16
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
82885afcc2e2041cc0bd59eb6551859107165126b2cb0b89fc6ed9c1f484a8e3
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
98870b6bd2401fbab529d656dffe304bd9ff18652a1032696263a8c10b30c63b
9c8422d5613999e44fd77a0d46e2161faf8de4fd967265da030323f0b1b48eea
9f0a40b05f1980c6af2ecef8e637275e50b24f441300a43b8858a61737723088
b5395e4a225c849aee7a44c7ba55bfa603228758d38bd680f9c6c3059d231998
b8ecdfce2df5b4fee0472f711f50e050a8501b31c5c6b34688f852a97c92453d
b993c198b83498973baf062a0ba6265416352b6f755856b1071770482d0f736f
bbac1b6d051cf765cf59a36fd3a731cb7754fbc11586a42074c7397eee603187
c0b90a38d57e425c78b77701e9a6be73194f05b00b6df348eaa3e1465d1614b2
ccd057614298e00b5b7a8e8fd626e033e1dd611fa7b024b49f7afc0513ef580b
df256b03cb313a930810440c59b9ee68f6100e4ff6a2e2561e9b48b4b885c05d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea05e6c716c1e72e7aab7abde872bd5dd45acf4142bd4ad198ebfc74989b0880
eaf8234ca8c7fff8fce1a268275806efb63012087837263f2d6f5a0ae17e1973
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8374a257614885fe6ddf3f7c63c86dcd69d9f3bfb9b9c7c62cd730e32429e3f
fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c