plum.gift Open in urlscan Pro
13.250.75.105  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request J0UyDrEkMZApiFhf Show response plum.gift/	3 KB 2 KB	340ms 24ms	Document text/html	13.250.75.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.250.75.105 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-75-105.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 5326d6b0ecdf49e1f6fa21c5e19bcc71693fc9ebfd85f3ecf8f5b6c542a03346 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers access-control-allow-origin * * cache-control public, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 10 Jan 2024 12:58:03 GMT etag W/"cbd-18c5997d560" last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express
GET H2	200	t.js Show response cdn.trackjs.com/agent/v3/latest/	29 KB 11 KB	379ms 18ms	Script application/javascript	138.199.46.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.trackjs.com/agent/v3/latest/t.js Requested by Host: plum.gift URL: https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.46.68 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB), Reverse DNS 138-199-46-68.bunnyinfra.net Software BunnyCDN-SG1-868 / Resource Hash 3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:03 GMT x-amz-meta-cache-control s-max-age=3600, max-age=604800, public content-encoding br cdn-edgestorageid 868 x-amz-request-id B9WBVAFB88V3V8ZQ x-amz-server-side-encryption AES256 x-amz-meta-content-type application/javascript cdn-cachedat 12/06/2023 20:10:09 cdn-pullzone 1606702 x-amz-id-2 vJyrpBQzc2irB8xSQftS672JkmQ0K6OtXhCC01e6p7NU63bJuLtHGsIitQr3zPZKkIXDr/PaSh4= last-modified Wed, 06 Dec 2023 15:35:37 GMT server BunnyCDN-SG1-868 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"f62a120cfe36e652de667aaed72b7815" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid cd4e6a4c-6811-495a-bea9-94fbb4c46859 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800, s-max-age=3600 cdn-requestid 2a50b595e179ea6eae45bb00c202d097 cdn-requestcountrycode SG access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	weglot.min.js Show response cdn.weglot.com/	118 KB 41 KB	425ms 51ms	Script application/javascript	104.18.6.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.js Requested by Host: plum.gift URL: https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.6.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e178d90d78f6611536dcc71109b0cc9e7b72e440f70f8660c3fa9c4d1ef9dab3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:03 GMT content-encoding gzip via 1.1 e74ae1ee8d87215b42aa8a1c59137a48.cloudfront.net (CloudFront) x-amz-version-id null cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop HKG54-C1 age 76 x-cache Hit from cloudfront last-modified Tue, 02 Jan 2024 13:41:50 GMT server cloudflare etag W/"1e5aee4de3743f9b04dd524b29b410f4" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=1800 cf-ray 843516de0b8387e4-SIN x-amz-cf-id 45fdJNqNZMp8b1rq2cuk7f5f0vxb-kp23pkZ0TgdXzngMmTEr8S2aw== expires Wed, 10 Jan 2024 13:28:03 GMT
GET H2	200	2.969afb3d.chunk.css plum.gift/static/css/	150 KB 150 KB	94ms 92ms	Stylesheet text/css	13.250.75.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/css/2.969afb3d.chunk.css Requested by Host: plum.gift URL: https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.250.75.105 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-75-105.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 85ed30f8e67e750ecec24cff995c66a24e1d4f981ae88c219457bc686ee23ceb Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/J0UyDrEkMZApiFhf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:03 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"257f8-18c5997d560" content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 153592
GET H2	200	main.1d383829.chunk.css plum.gift/static/css/	44 KB 45 KB	201ms 200ms	Stylesheet text/css	13.250.75.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/css/main.1d383829.chunk.css Requested by Host: plum.gift URL: https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.250.75.105 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-75-105.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 87463c013d1583a79efb1719072faa4d52e98a20f07d700ec7722842d3862a96 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/J0UyDrEkMZApiFhf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:03 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"b19e-18c5997d560" content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 45470
GET H2	200	2.de53e299.chunk.js Show response plum.gift/static/js/	564 KB 565 KB	190ms 189ms	Script application/javascript	13.250.75.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/js/2.de53e299.chunk.js Requested by Host: plum.gift URL: https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.250.75.105 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-75-105.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 9fb1c41b206c5d8239676cd5c6993cf13b0a83f93963ba495ca430c374d1db4f Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/J0UyDrEkMZApiFhf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:03 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"8cf5b-18c5997d560" content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 577371
GET H2	200	main.f82dcaab.chunk.js Show response plum.gift/static/js/	129 KB 130 KB	201ms 200ms	Script application/javascript	13.250.75.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/js/main.f82dcaab.chunk.js Requested by Host: plum.gift URL: https://plum.gift/J0UyDrEkMZApiFhf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.250.75.105 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-75-105.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash e4283186384bf12b75804d8672798dcef0a83e049e44e80b063865955bf81724 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/J0UyDrEkMZApiFhf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:03 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"2052c-18c5997d560" content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 132396
GET H2	200	fae9f07765496a53dbbaf34855be5d376.json Show response cdn.weglot.com/projects-settings/	4 KB 1 KB	402ms 48ms	Fetch application/json	104.18.6.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/projects-settings/fae9f07765496a53dbbaf34855be5d376.json Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.6.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f884e6930f59f8376bfec551e14b2166b0d5821a150fd826c2d573937717928 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:04 GMT x-amz-version-id null content-encoding gzip cf-cache-status DYNAMIC via 1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront) strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop SIN5-C1 age 103803 x-cache Hit from cloudfront last-modified Thu, 12 Oct 2023 13:36:14 GMT server cloudflare etag W/"192001cabdab6c4e308187ff8ca8b4f8" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json access-control-allow-origin * cf-ray 843516e0cd9a3da5-SIN x-amz-cf-id icaEFRH5wU7SHylwAJWfl2xR_C_L22BvbKpT4zXpHdrLY7VkSUggow==
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	358ms 18ms	Stylesheet text/css	64.233.170.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap Requested by Host: plum.gift URL: https://plum.gift/static/css/main.1d383829.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f95.1e100.net Software ESF / Resource Hash 2d52bc2b78875ad5aa7d3fb631ce947f259f3008eef744aadd87fc087177fc87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 10 Jan 2024 12:58:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jan 2024 12:58:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 Jan 2024 12:58:04 GMT
GET H2	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	391ms 33ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: plum.gift URL: https://plum.gift/static/css/main.1d383829.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:04 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 993 age 3752996 cdn-cachedat 10/31/2023 18:57:33 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"269550530cc127b6aa5a35925a7de6ce" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 250871d3528756a1ee847a3a200f969c timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 843516e0d9e47981-SIN cdn-requestpullsuccess True
OPTIONS H2	200	link_status stores.xoxoday.com/chef/api/public/graph/stores/	0 0	484ms 115ms	Preflight	104.18.31.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores.xoxoday.com/chef/api/public/graph/stores/link_status Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.31.19 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,lng,pltfm Access-Control-Request-Method POST Origin https://plum.gift Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization access-control-allow-origin https://plum.gift cf-cache-status DYNAMIC cf-ray 843516e40dd23e3d-SIN content-length 0 date Wed, 10 Jan 2024 12:58:04 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block xoxo-tracer-id 843516e40dd23e3d-SIN
POST H2	200	link_status Show response stores.xoxoday.com/chef/api/public/graph/stores/	4 KB 3 KB	448ms 112ms	Fetch application/json	104.18.31.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores.xoxoday.com/chef/api/public/graph/stores/link_status Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.31.19 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d32317c021d325ae90129e540af146b8b16a3439d46a7d0300f6aabe6b877c0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://plum.gift/ accept-language zh-SG,zh;q=0.9 lng en pltfm 4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/json Response headers date Wed, 10 Jan 2024 12:58:05 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip x-dns-prefetch-control off x-xss-protection 1; mode=block server cloudflare etag W/"f22-UHqYLwwHbDVW5qOxYpn/jFacFuY" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://plum.gift access-control-allow-credentials true xoxo-tracer-id 843516e6be206bfd-SIN cf-ray 843516e6be206bfd-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
GET H2	200	weglot.min.css cdn.weglot.com/	28 KB 5 KB	29ms 29ms	Stylesheet text/css	104.18.6.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.css?v=4 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.6.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:04 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront) strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop SIN5-C1 age 3678769 x-cache Hit from cloudfront last-modified Tue, 21 Nov 2023 14:36:53 GMT server cloudflare etag W/"396483c84619a8b59a272ec60b4059c4" vary Accept-Encoding access-control-allow-methods GET content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 843516e19a0887e4-SIN x-amz-cf-id ewEEn414kb5Co2qaKXZSwR_rLl_8XJVkcSbFFxy6X7C1QLWQ5OT7hQ== expires Thu, 09 Jan 2025 12:58:04 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	359ms 20ms	Font font/woff2	74.125.130.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f94.1e100.net Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://plum.gift accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 07:02:05 GMT x-content-type-options nosniff age 21359 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 07:02:05 GMT
POST H2	200	pageviews api.weglot.com/	2 B 0	654ms 256ms	Fetch application/json	104.18.7.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.weglot.com/pageviews?api_key=wg_fae9f07765496a53dbbaf34855be5d376 Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'nonce-fb41c12e3e14ba3759b141bc76492ba4' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://plum.gift/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 10 Jan 2024 12:58:05 GMT content-security-policy script-src 'nonce-fb41c12e3e14ba3759b141bc76492ba4' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status DYNAMIC x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin * cache-control max-age=0, must-revalidate, no-store, private permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 843516e429106034-SIN access-control-allow-headers Content-Type expires Wed, 10 Jan 2024 12:58:04 GMT
GET H/1.1	200 OK	usage.gif usage.trackjs.com/	43 B 229 B	776ms 250ms	Image image/gif	138.197.155.84 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://usage.trackjs.com/usage.gif?token=243963c89e634a1dbb45c346bbc856d6&correlationId=47ebe0df-ff65-4586-a1e6-c3a0143f5293&application=plum_gift&x=27bd9d0f-ffd4-4c5a-ac79-efa8a84284ca& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS prd-usage-1.tjsint.net Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 12:58:05 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	Bucketlist_landscape_blue%20%281%29.png xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com/image/clients/20080100000000000/platform_setting/	18 KB 18 KB	97ms 50ms	Image image/png	52.219.40.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com/image/clients/20080100000000000/platform_setting/Bucketlist_landscape_blue%20%281%29.png?versionId=Z51T4f8oDih0ncdm7A3UFp2JfsKQNcr6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.40.143 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS s3-ap-southeast-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 1e427607f635fb8b3c87d7002eb897126ab9ba9e912c1449323eefd8335fe3c9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 12:58:06 GMT x-amz-version-id Z51T4f8oDih0ncdm7A3UFp2JfsKQNcr6 Last-Modified Thu, 16 Sep 2021 19:08:00 GMT Server AmazonS3 x-amz-request-id EFGE7DKNEQMA496D ETag "182bf55bd6a156ce28ee6d695414b48d" Content-Type image/png x-amz-replication-status COMPLETED Accept-Ranges bytes Content-Length 18429 x-amz-id-2 6IqaFN/oEDifxC2okfNMbfTYC2YJEUIuKPQMnDy4DPF9H9S+1DQjPdX0ADPvtgIgL6lXfkg9vfE=
GET H2	200	phpKBCXZm_lv1gwr.jpg res.cloudinary.com/dyyjph6kx/image/upload/gift_vouchers/	85 KB 85 KB	752ms 388ms	Image image/jpeg	104.19.167.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/dyyjph6kx/image/upload/gift_vouchers/phpKBCXZm_lv1gwr.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdf203b44666439f9813cbd595f72b92d1918bcc0579434322e1d711f07c98e7 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:06 GMT strict-transport-security max-age=604800 x-content-type-options nosniff server-timing cld-cloudflare;dur=353;start=2024-01-10T12:58:05.730Z;desc=miss,rtt;dur=4,content-info;desc="width=1000,height=666;";cloudinary;dur=61;start=2024-01-10T12:58:05.882Z content-length 86617 last-modified Fri, 12 Mar 2021 12:29:10 GMT server cloudflare etag "4c6784188d1a73670d1f2dcde45da939" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,Vary,x-content-type-options cache-control public, no-transform, max-age=2592000 accept-ranges bytes cf-ray 843516e9b94844c5-SIN timing-allow-origin *
GET H2	200	/ Show response ipapi.co/json/	763 B 855 B	611ms 259ms	XHR application/json	104.26.8.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/json/ Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.26.8.44 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 508a0116e1763525ff7fc3948e48a1860cac0b99ca32c3d6d28ae26d98d4592a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://plum.gift/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:58:05 GMT content-encoding br x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Host, origin allow GET, POST, HEAD, OPTIONS, OPTIONS content-type application/json access-control-allow-origin https://plum.gift report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VyswMKSLhcFFHrFAIm8JbuDyzjmjme5xqTpcc01wEZlmpQBTEfDFbwneVQMr1Gq8jSsSjmSytgZosVq2IGF36JosvGJe578xYgRE8CtE4pgLNWrhk%2FqF6jF"}],"group":"cf-nel","max_age":604800} x-frame-options DENY cf-ray 843516e9bf8d9f9e-SIN

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| trackJs object| TrackJS object| Weglot object| webpackJsonpwebapp function| setImmediate function| clearImmediate object| regeneratorRuntime

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xoxoday.com/	1970-01-20 17:34:53	Name: __cf_bm Value: WyQnYnA65pZwWxYFZL38IUmgjekvhlnOa05oXa5YKd0-1704891485-1-ATikxzLXdO7t7tSE02unLe15830fRSCkN8mtWoL2BB6dvXuwLPI8Omibyu1GGm6uE5rdWDjGev2Rs3U1GbldvIU=
			.xoxoday.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0kBpbtHwy1uqyH5GUoMklpJcTnrR9Rk4jx5z6yf2Zmc-1704891485331-0-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.weglot.com
cdn.trackjs.com
cdn.weglot.com
fonts.googleapis.com
fonts.gstatic.com
ipapi.co
plum.gift
res.cloudinary.com
stackpath.bootstrapcdn.com
stores.xoxoday.com
usage.trackjs.com
xoxoday-dropbox.s3.ap-southeast-1.amazonaws.com
104.18.10.207
104.18.31.19
104.18.6.32
104.18.7.32
104.19.167.65
104.26.8.44
13.250.75.105
138.197.155.84
138.199.46.68
52.219.40.143
64.233.170.95
74.125.130.94
1e427607f635fb8b3c87d7002eb897126ab9ba9e912c1449323eefd8335fe3c9
1f884e6930f59f8376bfec551e14b2166b0d5821a150fd826c2d573937717928
2d52bc2b78875ad5aa7d3fb631ce947f259f3008eef744aadd87fc087177fc87
3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506
3d32317c021d325ae90129e540af146b8b16a3439d46a7d0300f6aabe6b877c0
508a0116e1763525ff7fc3948e48a1860cac0b99ca32c3d6d28ae26d98d4592a
5326d6b0ecdf49e1f6fa21c5e19bcc71693fc9ebfd85f3ecf8f5b6c542a03346
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85ed30f8e67e750ecec24cff995c66a24e1d4f981ae88c219457bc686ee23ceb
87463c013d1583a79efb1719072faa4d52e98a20f07d700ec7722842d3862a96
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9fb1c41b206c5d8239676cd5c6993cf13b0a83f93963ba495ca430c374d1db4f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e178d90d78f6611536dcc71109b0cc9e7b72e440f70f8660c3fa9c4d1ef9dab3
e4283186384bf12b75804d8672798dcef0a83e049e44e80b063865955bf81724
fdf203b44666439f9813cbd595f72b92d1918bcc0579434322e1d711f07c98e7