ngcashsp.surpriseanddelightgifts.com
2606:4700:3036::6815:452e  Public Scan

Submitted URL: http://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0.....
Effective URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0.....
Submission: On June 17 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3036::6815:452e, located in United States and belongs to CLOUDFLARENET, US. The main domain is ngcashsp.surpriseanddelightgifts.com.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2024. Valid for: 3 months.
This is the only time ngcashsp.surpriseanddelightgifts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700:303... 13335 (CLOUDFLAR...)
12 139.45.197.251 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
33 3
Apex Domain
Subdomains
Transfer
20 surpriseanddelightgifts.com
ngcashsp.surpriseanddelightgifts.com
192 KB
9 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 21815
3 lemouwee.com
lemouwee.com — Cisco Umbrella Rank: 379173
16 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 8881
558 B
33 4
Domain Requested by
20 ngcashsp.surpriseanddelightgifts.com ngcashsp.surpriseanddelightgifts.com
lemouwee.com
9 jouteetu.net lemouwee.com
3 lemouwee.com ngcashsp.surpriseanddelightgifts.com
lemouwee.com
1 my.rtmark.net lemouwee.com
33 4

This site contains no links.

Subject | Issuer | Validity | Valid
ngcashsp.surpriseanddelightgifts.com | GTS CA 1P5 | 2024-05-10 - 2024-08-08 | 3 months
lemouwee.com | R3 | 2024-04-05 - 2024-07-04 | 3 months
jouteetu.net | R3 | 2024-05-14 - 2024-08-12 | 3 months
rtmark.net | R3 | 2024-05-11 - 2024-08-09 | 3 months

This page contains 1 frames:

Primary Page: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Frame ID: DD7FC6C23588153DAA152F2ACC254E0C
Requests: 33 HTTP requests in this frame

Page Title

Congratulations

Page URL History

  1. http://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495... HTTP 307
    https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 33 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 209 kB
Size: 324 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944 HTTP 307
    https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ngcashsp.surpriseanddelightgifts.com/
Redirect Chain
  • http://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=817...
  • https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=81...
10 KB
4 KB
Document
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d661994f253547b877fd318e16164e895ec15494850cc9d8628529f805c1f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89534ab33e1f1d86-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 17 Jun 2024 13:12:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJo0agoLwOhZbJeJKA9XQtIs4xFBjzjz2TRFC%2FDpRk0Gd%2FsBf7zgcIgEQHneGa5ApzsQv6MsNVNW%2FW9nn4JWLJs6Ml5qbnveX6jkdicz2dNOrTrfHDOmFe%2BjjReZIQx%2BVuDB66ff2XtqSqs39K49lmesh0fFBLjF75YJkeY1L2LxhqY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Location
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Non-Authoritative-Reason
HttpsUpgrades
app.css
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/
7 KB
3 KB
Stylesheet
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/app.css
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8091c6c17750f7d04f42c64a9a167ede769848456807a6aebbad4385c2c9f793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"8bf115212e65a10ed5c6830297d82c25"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vc8M7ufvRIJmhkDxbI7Ag9xMNGMKQmeCBTLGUBgn0SyklSp4Hxy2ZVxj1ADO9%2FuX67p03D4RdOmI7rsQNPe%2BHT%2BtuCdjWjMqRVgGYTGNvN5PbLfrDlmjhf73eRcZrH50R84CJRV%2BQnYCS7mU7c40IKABAqXi8822KTDnsMvigM4MpCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
89534ab599ef1d86-FRA
alt-svc
h3=":443"; ma=86400
notification.png
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/
1 KB
2 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/notification.png
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26e23b65ebda6a7d7024e80bfbf784ebf42a29b7fcf9c93f312e22d7c2bd5b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1159
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"5c54aa7edbf5f012fb51383bbe0a3ebc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwu342d3QyGaNwxGBzNBbbSN7FYRZam0bSo42ToKIiFmcLsGXB1my40IflY3GfSc7z2ExF0KS4XO5X570VMYtYYOb568CGFWKtukRCqE8J70ZDzrI1hCrhQ974xuOF2Oxz1jnDYrCXsa2bPMESb8miLnqmW%2FwFzk654Yxv1hoItskJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab599f31d86-FRA
loader.gif
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/
5 KB
6 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/loader.gif
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2d27fbb655aa94d2ac35b08fbe141fa389ad7dbf6900ca4933675a58d13ba0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5381
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"80cb55a17b86d2b29a39e033e28915c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQVijyMztm6CLtmEdQN6HCqrS5tH6jlmS6HxEDMOwTJspQhmNW%2FHjJRbRW4AA5XoTp%2FQgGM8%2B5BTwPcJWlun9hKhC73wGgR%2BKn3qsLlxjPZRqVOwV2TJFreCE2P0Z00yA0Oqyby9EeI%2B7I5ZSVSZZqblia2CbgUznKMA74gxe%2Ba3tOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab599f51d86-FRA
default@0.5x.png
ngcashsp.surpriseanddelightgifts.com/img/prizes/cash-500-usd/ng/
10 KB
11 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/prizes/cash-500-usd/ng/default@0.5x.png
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad417d5c65244e0806807d1f430ff65a7da5d926d3e2bff6100cdd14b2eed05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10394
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"a48d25d166bc02219c169783e47c4275"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6FNkwCQrMUnYTRQMIm6VlrXeCd54f%2FFen%2BF7ap5unFQ1nGTZP%2Bko5EqEwG1qUkJPWpARid9AAIe1SYLhxjvU9hyxSR6%2BqKhd10DIX3wi9WrTJFiwL4LxhSfXPmlgrefISdCLMSms3Jq%2Ffdju%2BmeV%2FWVZaoM5CRLtJPlnU9stoKZAzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab5ba1f1d86-FRA
script.js
ngcashsp.surpriseanddelightgifts.com/
1 KB
1 KB
Script
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/script.js
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412e4d8ca8797cad6f0ddd33b61b7e26a6ac920f320fc20329ebd85eec70b6d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"3579ef6b1d1583ccea5678a9b579ab74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MG28V5GCIhNp%2FHRLixCNKJFiFeAN2hv2IlBHVJTsk1RVAkhtAC9967QUKMVqd8troa81hH8jBAYQT0oK1QXy9ZcK0p%2FdNnbiVsLf02%2BrhLC6L93x5uk1gkF3Q%2FacZKRHEW3Qe%2FYGokTZKYUckTO1pqHAIW9chGw7liaovVTSUUiE8Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
89534ab5ba221d86-FRA
alt-svc
h3=":443"; ma=86400
app.js
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/
145 KB
56 KB
Script
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/app.js
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442b8e84fce66d68fb745433ed08d414a3422a339e7b1c6500fdae86cec1ca95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"dd3b69e4e35b0e2abc57254aa56a632c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kooi%2BeX81WJSk9YwqmAW%2Buw0h8vTKCTd%2B8yy4%2Fgn8IVOGdTzU9JQVs%2FdEWQT3nZRfZTk%2BccQeANUWJGmyycf3SdVCP6bwXaRqppumWO27NkMVTrvie21v%2Fei8qIDSRIpB7Cru26beJEGwlV3B6ru5cVpajm9U3cJBVgje3s1pxFbcFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
89534ab5ba231d86-FRA
alt-svc
h3=":443"; ma=86400
micro.tag.min.js
lemouwee.com/pfe/current/
36 KB
15 KB
Script
General
Full URL
https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d51db2cca53687878555ae80c1a1c33b8cffa9e3d72a0b7841a6ce8036bef506

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 13:12:33 GMT
content-encoding
gzip
last-modified
Fri, 14 Jun 2024 14:56:06 GMT
server
nginx
etag
W/"666c5a06-9181"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sw-check-permissions-ea2cf.js
ngcashsp.surpriseanddelightgifts.com/
0
833 B
Other
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/sw-check-permissions-ea2cf.js?zoneId=5168327
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"a3e6c833d663e5eb00c3685049d568c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfGTLehh7soG67BLjIw7bUq7X%2FM%2B35OtGYJ9otJI9RBd1rCO4gFAvb0rjAr7nP%2FGcYWwGuQANH2GgB1qrVrQkqFdX7mWtuORviQQRy7%2BX7ey8BdZaWXUg1FBBpofrFGpEc1Yl7pkhHeuhTmVFe3nGJ5kpjm05i5oYhG5OjxFFGBhEuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
89534ab6dbc41d86-FRA
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
lemouwee.com/
0
349 B
Ping
General
Full URL
https://lemouwee.com/zone?&pub=0&zone_id=5168327&is_mobile=false&domain=ngcashsp.surpriseanddelightgifts.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.523&trace_id=6e961deb-cca2-4f96-99c5-0c8ff35cedfa&action=prerequest&ch=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&drf=
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
nginx
access-control-allow-origin
https://ngcashsp.surpriseanddelightgifts.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
558 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5168327&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
025388b8dd760f375cb399c88a9db997e1a569d0af99b04eebb504933909824c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ngcashsp.surpriseanddelightgifts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
lemouwee.com/
798 B
1 KB
Fetch
General
Full URL
https://lemouwee.com/zone?&pub=0&zone_id=5168327&is_mobile=false&domain=ngcashsp.surpriseanddelightgifts.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.523&trace_id=6e961deb-cca2-4f96-99c5-0c8ff35cedfa&action=settings&ch=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
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e2e210d6b6eb8296ce05ecfa97010e10062973824adc46e4e496a7f9a23dbe67
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ngcashsp.surpriseanddelightgifts.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
798
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

prizewheel_spinner.jpg
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/
46 KB
46 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/prizewheel_spinner.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ad30d41c5afeae4172627646f736703674043dd7e08f9f717602f697b1003e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46626
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"6de09a9524ea86f86b09b49aafbb258e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Of45%2FtA5VchideNqPzMIHKSc3aXa4N3oBTXUWDpXp6XbD4Bjiwb%2BRJPwOHcSPtfkjKI%2B5ZnSyk4d8SJn1wiN%2B9QYjoRtca6dTLpxg0j0pr9shOD82rmtxUMRoJ4NMbgpMsTIKnsucm1gFNDRxQ3xGo%2FSDe2XpVYoFLEeDnN4r0l6H6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab7fd521d86-FRA
prizewheel_static.png
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/
31 KB
31 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/prizewheel_static.png
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbc6a446b5ff318226eb7248e2c915062328e0b166cea24e7b4ee4b3eb5c7d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
31686
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"3acf4370691bee8c6112ea5f99798770"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnHHtJEFrnS4RDJHf%2FJbdQIntE8wD6nBRmyVay%2BD8Kex8jCvozC8jroPn3MSCJUihphUUYTsP41J213vxL%2BdFAraNzO5gd1RGc1dRzDuIV%2FmRtwv4MjwOA5gC4sOX94DmNgFQD3iqhem7p0EhpnzIKBzEXviM1cYGqSzNqdXF00%2FBWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab7fd5b1d86-FRA
3@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/
3 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/3@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8970ba9af5b39727ac25d42ab540c42ae7f58de4011fadb8efd2f5f317a8d575
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2727
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"63ab7b3d15a15db647f1e9d417e08907"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Teuv4eCam40OFokZpfPSUibOOgwSFbJSxOBm%2FxAzsmER095piWIs%2F1MD9oTXDVAVq8ssDnxEyUcMqzylnQa5SOdA3M3FCiQY04QqWUjAfJ32qUN%2Fqg18XPHdjfl9ruy0VG%2BIZPbxeqxrZFV6it685h%2Bp4Jxd8y9c1gECU9vPDNjYD5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d651d86-FRA
3@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/
2 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/3@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2518
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"8686f30087029aae26a42f7b5cf061a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhQaXslNWCixSSUcy1Z21RNUe8yQH%2FwUS1gbuh4Nyu4eWfDPKMyLHXRSTiNzYRht%2Bo4TGXHg3ArcoW8bFLjTBK%2FvCx8esxxyYz6TrZhM51Qr8UFh4uHtjYLl9XcAEvveX41SX1yXaqPpZf6yroavrHnWMhKbKZFYSgssJKiLMDaHlM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d681d86-FRA
10@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/
2 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/10@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278b0f8b52650d39e549fc69ea49d62d3bdd0c41b3ffd939da265842b6e40369
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2302
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"8a9a4c2245fab21ba70ffa7ef50db1e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxnVKNw%2BwaFX4azScRvho%2BuTqy5c8lAEp%2BdS6F9%2FuYVo%2BHhyasTkUGvoLOCfzBrVkZbT4UptH0vv1mMNV%2B%2FbNxZkLuune73tY6adr9hUKYOqp1ZQ%2FrBd3Z4erDYt7yDpPPyPQ8C%2BV3BvGNnZGtfr8ot52Fs3MPN8nya7KxkkTL5un5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d6c1d86-FRA
6@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/
3 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/6@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c53bda952fa4ca1869dfb4fd7db948ef87f1a8c8f2e6633e2320465f01f0829f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2766
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7927cbe294ca20317c916c035d704d2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LCd8F2oR90kzbQZVTUEf%2FOenld7N0utxOGgyyhnJcmA4qPnqEYssOiSkXx8gIbBH8pALQ%2F%2BckOzXkTlBLd8Gdcdclb2pDdlrKPdPWtafGgdLDh6WENSDL3aVU8qbNs5inPzENl9CoNE5bfnbdeQjAOqokpkwuA2vxZ7se9ZV8lZfWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d6d1d86-FRA
fb-like.svg
ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/
6 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/landers/prizewheel-fb/assets/img/fb-like.svg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f093971590dc0d67084f2a085b3a628639727b2950288cd95e3117e9e307a4bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"337b61c23f87de16c9cf87f93e800008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39Nvv4QyOZ%2Bm16m6j8dz3NtE8gN3xokCdFSW18H4pql6eNm3VamKTR2VgLAlNpwGOcz5ksGDTI9KPmD3CRfrY2rZ%2B8Tnv%2BrWDtB8HAc4A5eaSZiWaVAyNVUvp2Me%2Bnz4OHhaUvEuQajpfU3JsZgPbuT6jJ1jcEWuJ%2FS4E%2F%2FY0NMkLsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
89534ab80d6e1d86-FRA
alt-svc
h3=":443"; ma=86400
9@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/
3 KB
4 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/9@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d491c137daf159170ed6d6340c33b11806347b18b2e89840989b914346d9f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3146
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"5887257990951ebcff9a43a27625b5af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5v%2BRuarwpVtRlCknStzlzm%2BE8tMcQr5ja4xYaBjBUO4YlcZk476g73glWfBm5SKCqaNKs0KdrmsY0GhqeiOl7GDqDg3ERC4okTj2y2YhaN8orEkjGdQWzSvd7z4zkqEmLNtTDyzIh2qXwplB%2FIvfR7VtWSI8uSqLJnQAoG1vvA2%2BioA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d701d86-FRA
proof.jpg
ngcashsp.surpriseanddelightgifts.com/img/prizes/cash-500-usd/default/
5 KB
6 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/prizes/cash-500-usd/default/proof.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177f33daa8585b4555426554164030ae8c740683b7c15988519a6413c3510729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5277
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"a7624dbb20bc7ace78c33a90c8bc89f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGxx3h0sc%2FY8L6T9bzoRv6kwhXvz5J6%2FaX%2FaWwpP6pHcVaGRlmSbmOeH5erx%2FijSKvNTS49M0gDbOLnmWIRXfCZ0QfT7%2FFYy%2FVTKmW29SZCbRVB2QZzbbw%2FI39yYUguOSUGl0WjEWZk%2FW65ixinn5OUEujk28jmoCRPtvTLRKqD8uv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d721d86-FRA
5@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/
2 KB
2 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/5@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3eefd5709b25e1bb1129cccb1da22e54816cb2d15a2ed4cfa045b57579a7ef8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1960
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"8058edb32f7a1e02051af211a970a645"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGjmjl%2FWvuuO2J%2BId1%2F61wQyd4mnpkD4iyMwwN9dy233dnOIrFqwjBE64Hqql9jTWX3w40BlcW%2FYXNcUK8g5b%2Ff2ZJGk4h5i9dx4vk6aXd2sqW7y0byGhAG0zD8xJMawaEQoa2%2FEWycGUg%2Bb67IfGRVRMNXzDjh5fMy13SnLAwdaxRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d741d86-FRA
1@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/
3 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/female/1@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2781
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"3d250ef5245bb6de29b29c880177a6d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4oPLT4flRFtP584oWGG4%2FLiKrQkhlOaMwAcOyEe%2F2ewwvosNt7oUkqKpVko3X4QWIMAxJbvhh63ZiFRt5GSU3Clh1uETgOvERfUdBFyTJ0Mnj42feSWnXDrCNbtvj17bCp8k35vHc46fUlB%2BykrEqS6IenaX9bUuGplshGzM3LM%2Fy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d751d86-FRA
2@0.25x.jpg
ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/
2 KB
3 KB
Image
General
Full URL
https://ngcashsp.surpriseanddelightgifts.com/img/profiles/african/male/2@0.25x.jpg
Requested by
Host: ngcashsp.surpriseanddelightgifts.com
URL: https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:452e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4118d09fb21a7f34160f470078f6dcba042e8a07e2b4e32de12a4dcd9c5e7da8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ngcashsp.surpriseanddelightgifts.com/?bemobdata=c=78f7d8c3-c59d-4b13-ba11-b1a4d2bedd27..l=9f6c8ba0-9bae-4015-9495-27c3d978347a..a=0..b=0..z=0.018111..e=812751939623194624..c1=4292672..c2=8176496..c3=20969148..ts=1715338704944
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:12:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2053
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"30b17a2e12a16b2ac0936edb070447b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYX1Wgus8PsD4fvcN8%2FIf7Gxff94OCPv86%2BI1RxyXQf%2FaLCgdycQ9k6ty1uoKL%2FbTW2tNMpN2%2Brs8bUk40UCmj5tKqXAn36ZSaeWn60tYLKYvz7CaQEhDOfkH4ItWEewvqLifU1gEhkjjxfOB0IKllUrmO9CWpSuZyujDwvHYo1Bz1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89534ab80d771d86-FRA
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: lemouwee.com
URL: https://lemouwee.com/pfe/current/micro.tag.min.js?z=5168327&sw=/sw-check-permissions-ea2cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ngcashsp.surpriseanddelightgifts.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

435 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


1 Cookies

Domain/Path: my.rtmark.net/
Name: ID
Value: 01807e9351744940f3f6a6a5f080e147

Security Headers

This page lists any security headers set by the main page.

Header: X-Content-Type-Options
Value: nosniff

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance in a scan does not imply that any of them indicates malicious activity.
