plum.gift Open in urlscan Pro
52.221.38.237  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 0HbuqmJEHbzk2YGB Show response plum.gift/	3 KB 2 KB	771ms 88ms	Document text/html	52.221.38.237 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.221.38.237 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-221-38-237.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 5326d6b0ecdf49e1f6fa21c5e19bcc71693fc9ebfd85f3ecf8f5b6c542a03346 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers access-control-allow-origin * * cache-control public, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 25 Feb 2024 22:11:21 GMT etag W/"cbd-18c5997d560" last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express
GET H2	200	t.js Show response cdn.trackjs.com/agent/v3/latest/	29 KB 11 KB	516ms 32ms	Script application/javascript	138.199.46.68 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.trackjs.com/agent/v3/latest/t.js Requested by Host: plum.gift URL: https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.46.68 Singapore, Singapore, ASN60068 (CDN77 _, GB), Reverse DNS 138-199-46-68.bunnyinfra.net Software BunnyCDN-SG1-868 / Resource Hash 3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:22 GMT x-amz-meta-cache-control s-max-age=3600, max-age=604800, public content-encoding br cdn-edgestorageid 868 x-amz-request-id B9WBVAFB88V3V8ZQ x-amz-server-side-encryption AES256 x-amz-meta-content-type application/javascript cdn-cachedat 12/06/2023 20:10:09 cdn-pullzone 1606702 x-amz-id-2 vJyrpBQzc2irB8xSQftS672JkmQ0K6OtXhCC01e6p7NU63bJuLtHGsIitQr3zPZKkIXDr/PaSh4= last-modified Wed, 06 Dec 2023 15:35:37 GMT server BunnyCDN-SG1-868 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"f62a120cfe36e652de667aaed72b7815" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid cd4e6a4c-6811-495a-bea9-94fbb4c46859 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800, s-max-age=3600 cdn-requestid bb30e8eb4e507428bb471019780b10f1 cdn-requestcountrycode SG access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	weglot.min.js Show response cdn.weglot.com/	119 KB 42 KB	552ms 42ms	Script application/javascript	104.18.7.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.js Requested by Host: plum.gift URL: https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39c3108383ffb834ba5f85b80d9411655bfabcac31f7fdd73e30a9bfc44cffd1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:22 GMT content-encoding gzip via 1.1 8af08d6ec66000b2d5447ed79b9915e8.cloudfront.net (CloudFront) x-amz-version-id null cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop KUL50-C1 age 1586 x-cache Hit from cloudfront last-modified Wed, 21 Feb 2024 13:18:49 GMT server cloudflare etag W/"b702264b56ebab890747713bffecb270" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=1800 cf-ray 85b3489ea8dc3f8c-SIN x-amz-cf-id dK8btUf1ZGKHO64n0iA4ATkgRMvOk5gqH93k6C77Eef3WKSPZ3ccaA== expires Sun, 25 Feb 2024 22:41:22 GMT
GET H2	200	2.969afb3d.chunk.css plum.gift/static/css/	150 KB 150 KB	93ms 92ms	Stylesheet text/css	52.221.38.237 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/css/2.969afb3d.chunk.css Requested by Host: plum.gift URL: https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.221.38.237 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-221-38-237.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 85ed30f8e67e750ecec24cff995c66a24e1d4f981ae88c219457bc686ee23ceb Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/0HbuqmJEHbzk2YGB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:21 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"257f8-18c5997d560" content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 153592
GET H2	200	main.1d383829.chunk.css plum.gift/static/css/	44 KB 45 KB	152ms 151ms	Stylesheet text/css	52.221.38.237 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/css/main.1d383829.chunk.css Requested by Host: plum.gift URL: https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.221.38.237 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-221-38-237.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 87463c013d1583a79efb1719072faa4d52e98a20f07d700ec7722842d3862a96 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/0HbuqmJEHbzk2YGB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:21 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"b19e-18c5997d560" content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 45470
GET H2	200	2.de53e299.chunk.js Show response plum.gift/static/js/	564 KB 565 KB	153ms 152ms	Script application/javascript	52.221.38.237 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/js/2.de53e299.chunk.js Requested by Host: plum.gift URL: https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.221.38.237 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-221-38-237.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 9fb1c41b206c5d8239676cd5c6993cf13b0a83f93963ba495ca430c374d1db4f Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/0HbuqmJEHbzk2YGB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:21 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"8cf5b-18c5997d560" content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 577371
GET H2	200	main.f82dcaab.chunk.js Show response plum.gift/static/js/	129 KB 130 KB	152ms 152ms	Script application/javascript	52.221.38.237 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://plum.gift/static/js/main.f82dcaab.chunk.js Requested by Host: plum.gift URL: https://plum.gift/0HbuqmJEHbzk2YGB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.221.38.237 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-221-38-237.ap-southeast-1.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Express Resource Hash e4283186384bf12b75804d8672798dcef0a83e049e44e80b063865955bf81724 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/0HbuqmJEHbzk2YGB User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:21 GMT last-modified Mon, 11 Dec 2023 15:56:12 GMT server nginx/1.18.0 (Ubuntu) x-powered-by Express etag W/"2052c-18c5997d560" content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes content-length 132396
GET H2	200	fae9f07765496a53dbbaf34855be5d376.json Show response cdn.weglot.com/projects-settings/	4 KB 1 KB	506ms 65ms	Fetch application/json	104.18.7.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/projects-settings/fae9f07765496a53dbbaf34855be5d376.json Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f884e6930f59f8376bfec551e14b2166b0d5821a150fd826c2d573937717928 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:22 GMT x-amz-version-id null content-encoding gzip cf-cache-status DYNAMIC via 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront) strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop SIN5-C1 age 7900 x-cache Hit from cloudfront last-modified Thu, 12 Oct 2023 13:36:14 GMT server cloudflare etag W/"192001cabdab6c4e308187ff8ca8b4f8" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json access-control-allow-origin * cf-ray 85b348a1fc8f5cdd-SIN x-amz-cf-id MjgaVk40zhkRyWZFrt12i_rvJ6emuySlYNU-hBbT4DbHJgIJegcWbA==
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	492ms 53ms	Stylesheet text/css	74.125.200.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap Requested by Host: plum.gift URL: https://plum.gift/static/css/main.1d383829.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f95.1e100.net Software ESF / Resource Hash e44a40a0f646fdcbda0fbc9306cc1c2a070c6e38718faa7efd5be6b9f06b4996 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 25 Feb 2024 22:11:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 25 Feb 2024 21:53:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 25 Feb 2024 22:11:22 GMT
GET H2	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	518ms 65ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: plum.gift URL: https://plum.gift/static/css/main.1d383829.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:22 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 993 age 7760594 cdn-cachedat 10/31/2023 18:57:33 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"269550530cc127b6aa5a35925a7de6ce" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 250871d3528756a1ee847a3a200f969c timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 85b348a22c993fcc-SIN cdn-requestpullsuccess True
GET H2	200	weglot.min.css cdn.weglot.com/	28 KB 5 KB	34ms 34ms	Stylesheet text/css	104.18.7.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.css?v=4 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:22 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront) strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop SIN5-C1 age 7518591 x-cache Hit from cloudfront last-modified Tue, 21 Nov 2023 14:36:53 GMT server cloudflare etag W/"396483c84619a8b59a272ec60b4059c4" vary Accept-Encoding access-control-allow-methods GET content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 85b348a25b343f8c-SIN x-amz-cf-id EAiiXg4RHZ-G9yA6KM92KewTWdKEC4WZqcgbLF5jUL34lWbSOVsz6g== expires Mon, 24 Feb 2025 22:11:22 GMT
OPTIONS H2	200	link_status stores.xoxoday.com/chef/api/public/graph/stores/	0 0	663ms 76ms	Preflight	104.18.30.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores.xoxoday.com/chef/api/public/graph/stores/link_status Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.30.19 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,lng,pltfm Access-Control-Request-Method POST Origin https://plum.gift Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization access-control-allow-origin https://plum.gift cf-cache-status DYNAMIC cf-ray 85b348a6bb66470f-SIN content-length 0 content-security-policy-report-only script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=sydpe6A2rvtukBCSYt9JPJtAVLcb3pv2brxvANZaqAM-1708899083-1.0-AcvBoheND71OCF2F8l7YXa5hYl77hh2f3NKHIJOK3cx8jM3WFOCWRSRNYMVPf4VcoZAHHcvfzSCP8PdubRn-jD3-qmKYA9gf3nnaoH9W0wbwxX8Yp6zitI18vGfXJiQKBrR83ld-8GKZl7_PhPws91ptzNWgM74l3NuBHF9Zz3fq; report-to cf-csp-endpoint date Sun, 25 Feb 2024 22:11:23 GMT report-to {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=sydpe6A2rvtukBCSYt9JPJtAVLcb3pv2brxvANZaqAM-1708899083-1.0-AcvBoheND71OCF2F8l7YXa5hYl77hh2f3NKHIJOK3cx8jM3WFOCWRSRNYMVPf4VcoZAHHcvfzSCP8PdubRn-jD3-qmKYA9gf3nnaoH9W0wbwxX8Yp6zitI18vGfXJiQKBrR83ld-8GKZl7_PhPws91ptzNWgM74l3NuBHF9Zz3fq"}],"group":"cf-csp-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block xoxo-tracer-id 85b348a6bb66470f-SIN
POST H2	200	link_status Show response stores.xoxoday.com/chef/api/public/graph/stores/	2 KB 2 KB	888ms 106ms	Fetch application/json	104.18.30.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores.xoxoday.com/chef/api/public/graph/stores/link_status Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.30.19 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d530ae8266fd1b835ffa3fee45f18cbc07995ddf8126fda2976ba1b57ec4a6b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://plum.gift/ accept-language zh-SG,zh;q=0.9 lng en pltfm 4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type application/json Response headers date Sun, 25 Feb 2024 22:11:24 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip x-dns-prefetch-control off x-xss-protection 1; mode=block server cloudflare etag W/"7d8-Ah3IV/vZ3AiiN+pYfx9mmWzMCog" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://plum.gift access-control-allow-credentials true xoxo-tracer-id 85b348ac1dab8856-SIN cf-ray 85b348ac1dab8856-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, a_t, Set-Cookie, lng, pltfm, hash, csrf, authorization
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	596ms 47ms	Font font/woff2	74.125.68.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f94.1e100.net Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://plum.gift accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Thu, 22 Feb 2024 05:52:53 GMT x-content-type-options nosniff age 317910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Feb 2025 05:52:53 GMT
POST H2	200	pageviews api.weglot.com/	2 B 0	792ms 257ms	Fetch application/json	104.18.7.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.weglot.com/pageviews?api_key=wg_fae9f07765496a53dbbaf34855be5d376 Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.7.32 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'nonce-e91c3f788794a53020d4b6dec9dabac3' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://plum.gift/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 25 Feb 2024 22:11:23 GMT content-security-policy script-src 'nonce-e91c3f788794a53020d4b6dec9dabac3' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status DYNAMIC x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin * cache-control max-age=0, must-revalidate, no-store, private permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 85b348a66a618202-SIN access-control-allow-headers Content-Type expires Sun, 25 Feb 2024 22:11:23 GMT
GET H/1.1	200 OK	usage.gif usage.trackjs.com/	43 B 229 B	1439ms 355ms	Image image/gif	138.197.155.84 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://usage.trackjs.com/usage.gif?token=243963c89e634a1dbb45c346bbc856d6&correlationId=1aa5df36-d21a-453b-8abd-73f2802bf858&application=plum_gift&x=dfc986d7-7c4e-4121-9181-55b741213872& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS prd-usage-1.tjsint.net Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Date Sun, 25 Feb 2024 22:11:24 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	xoxoday_logo_png.png res.cloudinary.com/dyyjph6kx/image/upload/v1639122457/store/Logo/	7 KB 7 KB	978ms 414ms	Image image/png	104.19.167.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/dyyjph6kx/image/upload/v1639122457/store/Logo/xoxoday_logo_png.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4225e5069383e32899e536aae4f5b649b5aa4be173df4403b123a7bae4eed711 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:25 GMT strict-transport-security max-age=604800 x-content-type-options nosniff server-timing cld-cloudflare;dur=342;start=2024-02-25T22:11:24.878Z;desc=miss,rtt;dur=15,content-info;desc="width=299,height=104,bytes=7340,o=1,ef=(17);";cloudinary;dur=69;start=2024-02-25T22:11:25.026Z content-length 7340 last-modified Thu, 21 Dec 2023 13:13:18 GMT server cloudflare etag "8abae3d5a9c12060a61992cdedeb9290" vary Accept-Encoding content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,Vary,x-content-type-options cache-control public, no-transform, immutable, max-age=2592000 accept-ranges bytes cf-ray 85b348b07a923f87-SIN timing-allow-origin *
GET H2	200	phpb1CT3G_a7cken.jpg res.cloudinary.com/dyyjph6kx/image/upload/gift_vouchers/	669 KB 670 KB	661ms 98ms	Image image/jpeg	104.19.167.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/dyyjph6kx/image/upload/gift_vouchers/phpb1CT3G_a7cken.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a6f3b900c9dcf470c9293d27e915ab10e6d996385d91f64fdd5065621efa8ef Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://plum.gift/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:24 GMT strict-transport-security max-age=604800 x-content-type-options nosniff server-timing cld-cloudflare;dur=14;start=2024-02-25T22:11:24.883Z;desc=hit,rtt;dur=15,content-info;desc="width=1000,height=666,owidth=1000,oheight=666,obytes=685288;" content-length 685288 last-modified Wed, 16 Mar 2022 11:25:16 GMT server cloudflare etag "0250388b3faf57f057a400e536a49558" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,Vary,x-content-type-options cache-control public, no-transform, max-age=2592000 accept-ranges bytes cf-ray 85b348b07a913f87-SIN timing-allow-origin *
GET H2	200	/ Show response ipapi.co/json/	758 B 865 B	1029ms 470ms	XHR application/json	104.26.9.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/json/ Requested by Host: cdn.trackjs.com URL: https://cdn.trackjs.com/agent/v3/latest/t.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.26.9.44 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6055900a25d1a57170d7415036789cfc1503ea4277b2f024981eb18555db895f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://plum.gift/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 22:11:25 GMT content-encoding br x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Host, origin allow GET, HEAD, OPTIONS, POST, OPTIONS content-type application/json access-control-allow-origin https://plum.gift report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFZ5Ex%2Be%2F7dQa7%2BMGMF2DvDrWEeh36M1Yg%2B4WysOanpnX2TTKGPcNtyeZNXnCnoaseUXG1hN%2Bmzjew33PzTdQiVnsqAkOkHsDrEf6XhF7RV%2FVTaGElLhm0l6"}],"group":"cf-nel","max_age":604800} x-frame-options DENY cf-ray 85b348b07f5b5fc7-SIN

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trackJs object| TrackJS object| Weglot object| webpackJsonpwebapp function| setImmediate function| clearImmediate object| regeneratorRuntime

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xoxoday.com/	1970-01-20 18:41:40	Name: __cf_bm Value: cT6_a1qELkPgrMr7InyEGtKpWzS2wkC2LNXNJfFAorI-1708899084-1.0-AdPTuGfat1f2E3JqcUkSbTijlzsiOaNbNDgGDiJP7aShS9vk2QfZq6kUhMK3704dso3vgIkce2hDVbPUK/LxrHk=
			.xoxoday.com/	1969-12-31 23:59:59	Name: _cfuvid Value: FiD5MyLXURmFxtHmQv7R1cuoLo_SE8n06lYHISsF0Zs-1708899084233-0.0-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://plum.gift/0HbuqmJEHbzk2YGB Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://plum.gift/0HbuqmJEHbzk2YGB Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.weglot.com
cdn.trackjs.com
cdn.weglot.com
fonts.googleapis.com
fonts.gstatic.com
ipapi.co
plum.gift
res.cloudinary.com
stackpath.bootstrapcdn.com
stores.xoxoday.com
usage.trackjs.com
104.18.11.207
104.18.30.19
104.18.7.32
104.19.167.65
104.26.9.44
138.197.155.84
138.199.46.68
52.221.38.237
74.125.200.95
74.125.68.94
1f884e6930f59f8376bfec551e14b2166b0d5821a150fd826c2d573937717928
3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506
39c3108383ffb834ba5f85b80d9411655bfabcac31f7fdd73e30a9bfc44cffd1
4225e5069383e32899e536aae4f5b649b5aa4be173df4403b123a7bae4eed711
4a6f3b900c9dcf470c9293d27e915ab10e6d996385d91f64fdd5065621efa8ef
5326d6b0ecdf49e1f6fa21c5e19bcc71693fc9ebfd85f3ecf8f5b6c542a03346
6055900a25d1a57170d7415036789cfc1503ea4277b2f024981eb18555db895f
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85ed30f8e67e750ecec24cff995c66a24e1d4f981ae88c219457bc686ee23ceb
87463c013d1583a79efb1719072faa4d52e98a20f07d700ec7722842d3862a96
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8d530ae8266fd1b835ffa3fee45f18cbc07995ddf8126fda2976ba1b57ec4a6b
9fb1c41b206c5d8239676cd5c6993cf13b0a83f93963ba495ca430c374d1db4f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e4283186384bf12b75804d8672798dcef0a83e049e44e80b063865955bf81724
e44a40a0f646fdcbda0fbc9306cc1c2a070c6e38718faa7efd5be6b9f06b4996