kn.mpesaken.gifts Open in urlscan Pro
198.54.116.12  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://ke.safproms.gifts/7000mpesa Page URL
2. https://kn.mpesaken.gifts/q4svgrc Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	7000mpesa ke.safproms.gifts/	2 KB 914 B	553ms 166ms	Document text/html	162.0.235.4 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ke.safproms.gifts/7000mpesa Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.4 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server292-2.web-hosting.com Software LiteSpeed / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 784 content-encoding gzip vary Accept-Encoding date Thu, 17 Mar 2022 08:22:49 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	404	Primary Request q4svgrc Show response kn.mpesaken.gifts/	68 KB 15 KB	651ms 309ms	Document text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://kn.mpesaken.gifts/q4svgrc Requested by Host: ke.safproms.gifts URL: https://ke.safproms.gifts/7000mpesa Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 48f56998939a3a5acbc227f96c4bb57a32dcdd60fad55a7ab2c2766356f1eb9a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ke.safproms.gifts/ Response headers content-type text/html content-length 14866 content-encoding gzip vary Accept-Encoding date Thu, 17 Mar 2022 08:22:49 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	65ms 27ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://kn.mpesaken.gifts/ Origin https://kn.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617, 617, 617 age 311922 cdn-cachedat 2021-06-08 21:21:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:59 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid e14de3785cc9db8afebebd00680f0788 cf-ray 6ed452b2eb7b5c92-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	1 KB 936 B	141ms 50ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cairo&display=swap Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b797eacb86451e087be79261d218181df6b89059995faa87e481f5bc388a39db Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 08:05:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 08:22:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 08:22:50 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	134ms 41ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 10:26:10 GMT content-encoding gzip x-content-type-options nosniff age 251800 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 14 Mar 2023 10:26:10 GMT
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/	80 KB 15 KB	32ms 15ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://kn.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1774856 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14374 timing-allow-origin * last-modified Tue, 21 Sep 2021 07:01:54 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61498362-3826" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15nVEKefC6czBon29NRVzTelbK6yDPTEemTJv4VI%2BIltkIY12fvhNtd8yznU7nG5FJ5h6B6PmXxuzhf82tHHq%2B0%2FhrodJ8cNG41LopHeDARo4AM5isWnpvzkVxOSywHt%2Fe24t6074dxHOGrNqU0FC9iT"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6ed452b2cae69244-FRA expires Tue, 07 Mar 2023 08:22:50 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 598 B	141ms 51ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b0d3e95d9ae6d861a6735dba876fe73ff082293d8663233cc19f54776f2912e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 06:45:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 08:22:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 08:22:50 GMT
GET H2	200	CUN5lgs.png i.imgur.com/	62 KB 62 KB	45ms 20ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/CUN5lgs.png Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 82885afcc2e2041cc0bd59eb6551859107165126b2cb0b89fc6ed9c1f484a8e3 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 93951 x-cache HIT, HIT content-length 63406 x-served-by cache-iad-kjyo7100072-IAD, cache-hhn4073-HHN last-modified Thu, 30 Sep 2021 10:35:55 GMT server cat factory 1.0 x-timer S1647505370.259979,VS0,VE1 etag "c0ed864d9176a4295a0f8d90b0ba097f" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	XDksoVa.png i.imgur.com/	250 KB 250 KB	38ms 20ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/XDksoVa.png Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 5bb505919c390a51598036b1e5691ea2ff28cc3babc2475204ad7058734f8af2 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 91947 x-cache HIT, HIT x-amz-storage-class STANDARD_IA content-length 255954 x-served-by cache-iad-kcgs7200070-IAD, cache-hhn4073-HHN last-modified Thu, 30 Sep 2021 17:55:12 GMT server cat factory 1.0 x-timer S1647505370.260038,VS0,VE1 etag "f2721b7d7672c52b477ee9152b388622" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H/1.1	200 OK	classic-10_7_dtp.css cdn-images.mailchimp.com/embedcode/	4 KB 2 KB	43ms 8ms	Stylesheet text/css	143.204.96.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-images.mailchimp.com/embedcode/classic-10_7_dtp.css Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.96.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-96-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 633f4cf325805cc9f5b5276acec34fbd08f5fa97b35214ab44fa977ac047d6ac Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-amz-version-id jITmvRROYgYXU3PmrU27aDAgVAclebJo Content-Encoding gzip Vary Accept-Encoding Last-Modified Wed, 16 Feb 2022 22:20:27 GMT Server AmazonS3 Age 33915 ETag W/"43611a77b307cb98b6badb6db190b19e" Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type text/css Via 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront) Connection keep-alive Date Wed, 16 Mar 2022 22:57:36 GMT X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id XuTLYvA-B6XHYXZhP0T8CIEb8t08ULqGGVptC7swEsPKjoccuDmXMg==
GET H/1.1	200 OK	mc-validate.js Show response s3.amazonaws.com/downloads.mailchimp.com/js/	140 KB 140 KB	407ms 111ms	Script application/javascript	52.216.229.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.229.221 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 08:22:51 GMT Last-Modified Mon, 20 Aug 2018 17:42:38 GMT Server AmazonS3 x-amz-request-id J0C909AP2GANCB31 ETag "6465dd4a8331265e6629cd069e03504c" Content-Type application/javascript Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 143249 x-amz-id-2 0R10IP/KZoTBTwZP262GuWX9JwhRf1D9lSiHAiysI17AwAZBaqcDq6n8NEX8jE9EaiBiem6e0Qs=
GET H2	200	ouJgS71.gif i.imgur.com/	49 KB 50 KB	24ms 6ms	Image image/gif	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/ouJgS71.gif Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 3540525 x-cache HIT, HIT content-length 50336 x-served-by cache-iad-kcgs7200160-IAD, cache-hhn4073-HHN last-modified Thu, 22 Oct 2020 22:51:11 GMT server cat factory 1.0 x-timer S1647505370.260090,VS0,VE0 etag "74581d7f057a8880cbf459921bd8bbc9" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 13
GET H2	200	z4Wdyix.jpg i.imgur.com/	25 KB 25 KB	37ms 19ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/z4Wdyix.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 6b49f8fa3c9496523f289e71501541f4917117a4416c067a74366cc18d327b46 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 759639 x-cache HIT, HIT content-length 25872 x-served-by cache-iad-kiad7000048-IAD, cache-hhn4073-HHN last-modified Thu, 30 Sep 2021 11:03:41 GMT server cat factory 1.0 x-timer S1647505370.260139,VS0,VE1 etag "f38390ed923eba244532e4f28c009ec1" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	kNovlqO.jpg i.imgur.com/	24 KB 24 KB	25ms 8ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/kNovlqO.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 60163ceba06c0fb67f3898558b9b7e8f0bcb654912c1a76e19ed4b22cd6ea2e5 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 1301038 x-cache HIT, HIT content-length 24189 x-served-by cache-iad-kjyo7100176-IAD, cache-hhn4073-HHN last-modified Fri, 23 Oct 2020 15:41:06 GMT server cat factory 1.0 x-timer S1647505370.260211,VS0,VE0 etag "6089ea987842c523ccf26ffbf6481b99" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 4
GET H2	200	uX9vrSN.jpg i.imgur.com/	28 KB 29 KB	31ms 14ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/uX9vrSN.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c0b90a38d57e425c78b77701e9a6be73194f05b00b6df348eaa3e1465d1614b2 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 2417539 x-cache HIT, HIT content-length 29102 x-served-by cache-iad-kcgs7200116-IAD, cache-hhn4073-HHN last-modified Fri, 23 Oct 2020 15:40:58 GMT server cat factory 1.0 x-timer S1647505370.260270,VS0,VE0 etag "e85fdf6a6c4a4eee92d725b715dfe8f8" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 4
GET H2	200	jdqoSTy.png i.imgur.com/	12 KB 12 KB	19ms 18ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/jdqoSTy.png Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 9f0a40b05f1980c6af2ecef8e637275e50b24f441300a43b8858a61737723088 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 3547334 x-cache HIT, HIT content-length 12559 x-served-by cache-iad-kjyo7100167-IAD, cache-hhn4073-HHN last-modified Fri, 23 Oct 2020 15:42:24 GMT server cat factory 1.0 x-timer S1647505370.275780,VS0,VE0 etag "6db8746de42153bc0c879e14204fce42" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 7
GET H2	200	twwr.jpg 1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/	9 KB 9 KB	138ms 40ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/twwr.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 4aa7af1442f6f006f5fc0cc0550ce8d2246d4ec52f8c6dfc00de75702d878ee4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 05:27:12 GMT x-content-type-options nosniff age 10538 content-disposition inline;filename="twwr.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9006 x-xss-protection 0 server fife etag "v775" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 20 Feb 2022 05:30:13 GMT
GET H2	200	aP4hWCC.jpg i.imgur.com/	123 KB 123 KB	20ms 19ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/aP4hWCC.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash eaf8234ca8c7fff8fce1a268275806efb63012087837263f2d6f5a0ae17e1973 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 92960 x-cache HIT, HIT content-length 125739 x-served-by cache-iad-kcgs7200172-IAD, cache-hhn4073-HHN last-modified Sun, 06 Jun 2021 23:24:02 GMT server cat factory 1.0 x-timer S1647505370.275873,VS0,VE0 etag "6f0c876a20cf7ee9ffc598c55b8813e0" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 4
GET H2	200	ettte.jpg 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/	34 KB 34 KB	144ms 47ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 05:27:12 GMT x-content-type-options nosniff age 10538 content-disposition inline;filename="ettte.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35100 x-xss-protection 0 server fife etag "v771" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 11 Mar 2022 14:41:31 GMT
GET H2	200	lz7ilfE.jpg i.imgur.com/	178 KB 178 KB	23ms 22ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/lz7ilfE.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash b5395e4a225c849aee7a44c7ba55bfa603228758d38bd680f9c6c3059d231998 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 2509951 x-cache HIT, HIT x-amz-storage-class STANDARD_IA content-length 182298 x-served-by cache-iad-kiad7000057-IAD, cache-hhn4073-HHN last-modified Mon, 31 May 2021 22:45:36 GMT server cat factory 1.0 x-timer S1647505370.275940,VS0,VE1 etag "9b584dc15feadafc867facb8ee23bcde" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	uMlXz9m.png i.imgur.com/	74 KB 74 KB	24ms 24ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/uMlXz9m.png Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash df256b03cb313a930810440c59b9ee68f6100e4ff6a2e2561e9b48b4b885c05d Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 1304815 x-cache HIT, HIT content-length 75281 x-served-by cache-iad-kcgs7200051-IAD, cache-hhn4073-HHN last-modified Thu, 30 Sep 2021 11:40:00 GMT server cat factory 1.0 x-timer S1647505370.276016,VS0,VE1 etag "e2d3210347f39b0cfced437f2247c124" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	gy.jpg 1.bp.blogspot.com/-8b8Dz7vkxYA/YKKfcPgq6MI/AAAAAAAAB3c/FfLq7idbQLoDLcNVA1aU7NOvOK-LGyPtACLcBGAsYHQ/s200/	14 KB 14 KB	191ms 95ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-8b8Dz7vkxYA/YKKfcPgq6MI/AAAAAAAAB3c/FfLq7idbQLoDLcNVA1aU7NOvOK-LGyPtACLcBGAsYHQ/s200/gy.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9c8422d5613999e44fd77a0d46e2161faf8de4fd967265da030323f0b1b48eea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 05:27:12 GMT x-content-type-options nosniff age 10538 content-disposition inline;filename="gy.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14341 x-xss-protection 0 server fife etag "v779" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 18 Dec 2021 06:14:20 GMT
GET H2	200	AIcpwae.jpg i.imgur.com/	34 KB 34 KB	21ms 20ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/AIcpwae.jpg Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash ccd057614298e00b5b7a8e8fd626e033e1dd611fa7b024b49f7afc0513ef580b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff age 776787 x-cache HIT, HIT content-length 34667 x-served-by cache-iad-kiad7000146-IAD, cache-hhn4073-HHN last-modified Fri, 11 Jun 2021 22:08:24 GMT server cat factory 1.0 x-timer S1647505370.276089,VS0,VE0 etag "fe94a01bbd1ef724fa9a792fa45387f6" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 4
GET H2	200	micro.tag.min.js Show response choogeet.net/pfe/current/	139 KB 48 KB	56ms 12ms	Script application/javascript	139.45.197.252 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 5b0e7fc58f69d9f96da53cf06b12e133d1a6a3f5b5ca296a6fe1c21ac57c68fb Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 08:22:50 GMT content-encoding gzip last-modified Tue, 22 Feb 2022 13:52:39 GMT server nginx etag W/"6214eaa7-22c6a" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
POST H2	200	zone choogeet.net/	0 253 B	14ms 14ms	Ping text/plain	139.45.197.252 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/zone?&pub=0&zone_id=4307628&is_mobile=false&domain=kn.mpesaken.gifts&var=&ymid=&var_3=&dsig=&action=prerequest Requested by Host: choogeet.net URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-trace-id 93ba8c3b80073eb8366993ad51393db2 date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-origin https://kn.mpesaken.gifts access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 546 B	45ms 13ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4307628&checkDuplicate=true&ymid=&var= Requested by Host: choogeet.net URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ac11fde0e4d7ed23f4ab22ecf31a25196e9077d554cad693b6c30ddc50581b26 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://kn.mpesaken.gifts access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone Show response choogeet.net/	737 B 1 KB	41ms 16ms	Fetch application/json	139.45.197.252 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/zone?&pub=0&zone_id=4307628&is_mobile=false&domain=kn.mpesaken.gifts&var=&ymid=&var_3=&dsig=&action=settings Requested by Host: choogeet.net URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=4307628&sw=/sw-check-permissions-2c102.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b4dab6a044bee7dcfbc7d969f3e855b3bd29846bd35865b4f6d38ed12b73256a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-trace-id 951f8287528b2c699f0ea91392aa3a64 date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 content-type application/json; charset=utf-8 access-control-allow-origin https://kn.mpesaken.gifts access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 737
GET H2	404	like.png kn.mpesaken.gifts/img/f/	68 KB 68 KB	313ms 313ms	Image text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://kn.mpesaken.gifts/img/f/like.png Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 48f56998939a3a5acbc227f96c4bb57a32dcdd60fad55a7ab2c2766356f1eb9a Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/q4svgrc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:51 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14866 vary Accept-Encoding content-type text/html
GET H2	404	bubble.png kn.mpesaken.gifts/img/f/	68 KB 68 KB	467ms 465ms	Image text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://kn.mpesaken.gifts/img/f/bubble.png Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash 48f56998939a3a5acbc227f96c4bb57a32dcdd60fad55a7ab2c2766356f1eb9a Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/q4svgrc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:51 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14866 vary Accept-Encoding content-type text/html
GET H2	404	Tahoma-Bold.ttf kn.mpesaken.gifts/fonts/	0 0	312ms 311ms	Font text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://kn.mpesaken.gifts/fonts/Tahoma-Bold.ttf Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash Request headers Referer https://kn.mpesaken.gifts/q4svgrc Origin https://kn.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:51 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14866 vary Accept-Encoding content-type text/html
GET H2	200	fa-regular-400.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/	23 KB 23 KB	13ms 12ms	Font application/octet-stream	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea05e6c716c1e72e7aab7abde872bd5dd45acf4142bd4ad198ebfc74989b0880 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css Origin https://kn.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:50 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1680006 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23456 timing-allow-origin * last-modified Tue, 21 Sep 2021 07:01:54 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61498362-5ba0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhLOBDADw3K1NKS0cDDRsYaYxSKDHM7VqipA8nW882AC9ma1jlCfIHEIgkGbRlPplzOKo2IPfumnLOuhbfv3t9tM%2FyI43Af5TQ8o3hocNZtl2wQt9Z6BhU%2BiVwgmg0di8oIJ4HctVH2KWf41cAu%2FCGw4"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6ed452b83d7f9244-FRA expires Tue, 07 Mar 2023 08:22:50 GMT
GET H2	404	Tahoma.ttf kn.mpesaken.gifts/fonts/	0 0	467ms 467ms	Font text/html	198.54.116.12 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://kn.mpesaken.gifts/fonts/Tahoma.ttf Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.12 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server196-4.web-hosting.com Software LiteSpeed / Resource Hash Request headers Referer https://kn.mpesaken.gifts/q4svgrc Origin https://kn.mpesaken.gifts Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:22:51 GMT content-encoding gzip x-turbo-charged-by LiteSpeed server LiteSpeed content-length 14866 vary Accept-Encoding content-type text/html
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	49ms 9ms	Script application/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: kn.mpesaken.gifts URL: https://kn.mpesaken.gifts/q4svgrc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 08:20:20 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.120.0/27 etag "-375139978" x-cacheable Matched cache content-type application/javascript; charset=UTF-8 x-cdn-pop sbg accept-ranges bytes content-length 4364 x-request-id 358777343
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	51 B 185 B	294ms 95ms	Script text/html	192.99.0.58 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4590856&@f16&@g1&@h1&@i1&@j1647505370308&@k0&@l1&@mSafaricom%20Mpesa%20Gifts!&@n0&@ohttps%3A%2F%2Fke.safproms.gifts%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-42762857&@b3:1647505370&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkn.mpesaken.gifts%2Fq4svgrc&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.0.58 Brossard, Canada, ASN16276 (OVH, FR), Reverse DNS ns500326.ip-192-99-0.net Software / Resource Hash 49d6bae97173f6da39655ad238384a8b8c103adebf4ff750fe6fb29281d6c8d0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kn.mpesaken.gifts/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 08:22:51 GMT Connection close Content-Length 51 Content-Type text/html;charset=UTF-8

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery number| timer_start string| redirectURL string| WhatsApp_share_message string| Share_link string| alert_text number| total number| ii number| iy function| hidepop object| regeneratorRuntime object| ntfcSDK object| zfgformats object| mc function| $mcj object| fnames object| ftypes function| incrementValue1 function| incrementValue_i boolean| spin2enabled number| ob function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| lasthtml function| dapp function| dappp function| record string| j string| randomcode string| klast string| banner string| dl string| dl2 object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-20 10:24:01	Name: ID Value: d51f7869e59f46d88dc60fbf30898b58
			kn.mpesaken.gifts/	1970-01-20 01:38:25	Name: null Value: null
			kn.mpesaken.gifts/	1970-01-20 01:38:25	Name: 50 Value: 50
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstCfa4590856 Value: 1647505370308
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstCla4590856 Value: 1647505370308
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstCmu4590856 Value: 1647505370308
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstPn4590856 Value: 1
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstPt4590856 Value: 1
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstCnv4590856 Value: 1
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: HstCns4590856 Value: 1
			kn.mpesaken.gifts/	1970-01-20 10:24:01	Name: c_ref_4590856 Value: https%3A%2F%2Fke.safproms.gifts%2F

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ke.safproms.gifts/7000mpesa Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kn.mpesaken.gifts/q4svgrc Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kn.mpesaken.gifts/fonts/Tahoma-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kn.mpesaken.gifts/img/f/like.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kn.mpesaken.gifts/img/f/bubble.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kn.mpesaken.gifts/fonts/Tahoma.ttf Message: Failed to load resource: the server responded with a status of 404 ()