urlscan.io logo urlscan.io
SecurityTrails logo

dexter-gift.santuy-ngopi.com Open in urlscan Pro
131.153.78.138  Public Scan

Go To Rescan Add Verdict Report
URL: http://dexter-gift.santuy-ngopi.com/
Submission Tags: krdprod
Submission: On March 17 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 7 countries across 22 domains to perform 33 HTTP transactions. The main IP is 131.153.78.138, located in Singapore and belongs to PHOENIXNAP-AS-SG1 PhoenixNAP, SG. The main domain is dexter-gift.santuy-ngopi.com.
This is the only time dexter-gift.santuy-ngopi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 131.153.78.138 59210 (PHOENIXNA...)
1 2404:6800:400... 15169 (GOOGLE)
1 99.84.128.52 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2800:10c... 15133 (EDGECAST)
5 151.101.24.193 54113 (FASTLY)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 2404:6800:400... 15169 (GOOGLE)
1 1 212.102.50.51 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 72.167.53.220 398101 (GO-DADDY-...)
2 46.105.201.240 16276 (OVH)
1 2404:6800:401... 15169 (GOOGLE)
1 192.99.13.63 16276 (OVH)
1 2 158.69.139.226 16276 (OVH)
2 51.89.99.21 16276 (OVH)
1 13.225.183.71 16509 (AMAZON-02)
1 18.65.200.111 16509 (AMAZON-02)
2 18.65.181.21 16509 (AMAZON-02)
1 138.197.56.196 14061 (DIGITALOC...)
1 23.10.5.240 20940 (AKAMAI-ASN1)
4 4 141.94.170.64 16276 (OVH)
2 2 3.114.95.219 ()
2 2 13.251.231.78 ()
1 18.177.116.10 ()
1 52.77.161.92 ()
33 23
1    131.153.78.138 (Singapore)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
PTR: nur.mekanikserver.com
dexter-gift.santuy-ngopi.com
1    2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    99.84.128.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-128-52.nrt57.r.cloudfront.net
www.launchaco.com
2    2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)
apis.google.com
1    2404:6800:4004:81d::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:2800:10c:c88c:512a:3124:2bde:8038 (United States)

ASN15133 (EDGECAST, US)
userscontent2.emaze.com
5    151.101.24.193 (Los Angeles, United States)

ASN54113 (FASTLY, US)
i.imgur.com
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
1    212.102.50.51 (Tokyo, Japan)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-600.bunnyinfra.net
cdn.rawgit.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    72.167.53.220 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-72-167-53-220.ip.secureserver.net
respect-mag.com
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    2404:6800:4012:2::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.99.13.63 (Brossard, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net
s4.histats.com
2    158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net
e.dtscout.com
2    51.89.99.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163187.ip-51-89-99.eu
t.dtscout.com
1    13.225.183.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-71.nrt57.r.cloudfront.net
get.s-onetag.com
1    18.65.200.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-200-111.nrt57.r.cloudfront.net
onetag-geo.s-onetag.com
2    18.65.181.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-181-21.nrt57.r.cloudfront.net
tags.crwdcntrl.net
1    138.197.56.196 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
t.dtscdn.com
1    23.10.5.240 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-5-240.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
2    3.114.95.219 (None, )

ASN- ()
loada.exelator.com
2    13.251.231.78 (None, )

ASN- ()
sync.crwdcntrl.net
1    18.177.116.10 (None, )

ASN- ()
ps.eyeota.net
1    52.77.161.92 (None, )

ASN- ()
bcp.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2150
sync.crwdcntrl.net
bcp.crwdcntrl.net
16 KB
5 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5401
1 MB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1868
2 KB
4 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 16837
t.dtscout.com — Cisco Umbrella Rank: 13991
10 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 17418
s4.histats.com — Cisco Umbrella Rank: 14980
11 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620
38 KB
2 exelator.com
loada.exelator.com
2 KB
2 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 2783
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3383
11 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 83
72 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 251
35 KB
1 eyeota.net
ps.eyeota.net
344 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 404
425 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15718
407 B
1 gstatic.com
fonts.gstatic.com
8 KB
1 respect-mag.com
respect-mag.com — Cisco Umbrella Rank: 869245
196 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
4 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 7542
665 B
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 16525
50 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 3926
459 B
1 emaze.com
userscontent2.emaze.com — Cisco Umbrella Rank: 195596
9 KB
1 launchaco.com
www.launchaco.com
14 KB
1 santuy-ngopi.com
dexter-gift.santuy-ngopi.com
6 KB
33 22
Domain Requested by
5 i.imgur.com dexter-gift.santuy-ngopi.com
4 pixel.onaudience.com 4 redirects
3 maxcdn.bootstrapcdn.com dexter-gift.santuy-ngopi.com
2 sync.crwdcntrl.net 2 redirects
2 loada.exelator.com 2 redirects
2 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
2 t.dtscout.com e.dtscout.com
2 e.dtscout.com 1 redirects dexter-gift.santuy-ngopi.com
2 s10.histats.com dexter-gift.santuy-ngopi.com
s10.histats.com
2 apis.google.com dexter-gift.santuy-ngopi.com
apis.google.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ps.eyeota.net dexter-gift.santuy-ngopi.com
1 tags.bluekai.com dexter-gift.santuy-ngopi.com
1 t.dtscdn.com e.dtscout.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com e.dtscout.com
1 s4.histats.com s10.histats.com
1 fonts.gstatic.com fonts.googleapis.com
1 respect-mag.com dexter-gift.santuy-ngopi.com
1 cdn.jsdelivr.net dexter-gift.santuy-ngopi.com
1 cdn.rawgit.com 1 redirects
1 blogger.googleusercontent.com dexter-gift.santuy-ngopi.com
1 bit.ly 1 redirects
1 userscontent2.emaze.com dexter-gift.santuy-ngopi.com
1 ajax.googleapis.com dexter-gift.santuy-ngopi.com
1 www.launchaco.com dexter-gift.santuy-ngopi.com
1 fonts.googleapis.com dexter-gift.santuy-ngopi.com
1 dexter-gift.santuy-ngopi.com
33 28
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.launchaco.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.emaze.com
Go Daddy Secure Certificate Authority - G2		 2022-01-14 -
2023-02-15		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
respect-mag.com
Starfield Secure Certificate Authority - G2		 2021-08-15 -
2022-08-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
histats.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.dtscdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-04 -
2022-12-04		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh

This page contains 2 frames:

Primary Page: http://dexter-gift.santuy-ngopi.com/
Frame ID: 570679993553001948D77E898D925B31
Requests: 32 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001647475224277FABD58E662016F7
Frame ID: 4B646634BA67EA7EA5890568009EFA66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

❣ Ellen DeGeneres Gift! ❣ DEXTERRR

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

33
Requests

79 %
HTTPS

29 %
IPv6

22
Domains

28
Subdomains

23
IPs

7
Countries

1919 kB
Transfer

2386 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://bit.ly/3yH4txo HTTP 301
  • https://blogger.googleusercontent.com/img/a/AVvXsEi16kw6DVkducDA_sG-FAJGU4Rz1lOMr12yvdo8YAntUqYs9OBzwZifcMOM8xVcU3iUlBDjo8KBWptO0BNtfILvO3sA6k6WquvnzJ5ijpOnKYGZhXNF68rhy1FYPgPYFXpg3cMRXZL8XAjYoLfarvH8UuXU3PoxBaWpL8clsFkJ1Bw_A8N9xBGPrJpSDQ=w621-h326
Request Chain 14
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju-2.js HTTP 301
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju-2.js
Request Chain 21
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j= HTTP 301
  • https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Request Chain 29
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001647475224277FABD58E662016F7 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=450f730e65c0449aaf2f83b19dafbf62&gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=c83e9d7242f1a86076261f41704f6116&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
  • https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d6958a8dfa1edb0d

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dexter-gift.santuy-ngopi.com/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dexter-gift.santuy-ngopi.com/
Protocol
HTTP/1.1
Server
131.153.78.138 , Singapore, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
nur.mekanikserver.com
Software
LiteSpeed /
Resource Hash
2b22683c7bb6ae6768fcc91875802903e0ce108bba5af436b821cc1780ad74bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-type
text/html
last-modified
Thu, 10 Mar 2022 09:07:55 GMT
etag
"47a5-6229bfeb-e32a632c536289d5;gz"
accept-ranges
bytes
content-encoding
gzip
vary
Accept-Encoding,User-Agent
content-length
5572
date
Thu, 17 Mar 2022 00:00:21 GMT
server
LiteSpeed
css
fonts.googleapis.com/ 		2 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe3fd5ca8d8d6dcdbaf3384e7c92183d21ee8faefffaa483c11153d48d5556bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 23:53:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 00:00:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 00:00:22 GMT
AllTemplates.min.css
www.launchaco.com/static/ 		65 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.launchaco.com/static/AllTemplates.min.css
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.128.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-128-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdecf0171609fc54f6b4ce8c8f03cc67f4fbe8f8e01fa3ef5782c7802e9c9c6a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 27 Aug 2021 22:03:30 GMT
server
AmazonS3
age
65125
etag
W/"1b5e678932dca889364e7e1d8289b7c6"
x-frame-options
DENY
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 e547c32d3950bb9fc00d08713c96bea4.cloudfront.net (CloudFront)
date
Wed, 16 Mar 2022 05:54:57 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
IfVkFOY6VCbIVTp8_jGbJxPUn13Ua7Gsv13-qrmT_5ihD26n3v9gdA==
x-xss-protection
1
plusone.js
apis.google.com/js/ 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc8bdef3f522588182f028f48a25bb333560d5316105c072de946111c5834b8f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20542
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 17 Mar 2022 00:00:22 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"12159e95d61fd127"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 00:00:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
HTTP/1.1
Server
2404:6800:4004:81d::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 23:24:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
261371
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
34056
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 13 Mar 2023 23:24:11 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dexter-gift.santuy-ngopi.com/
Origin
http://dexter-gift.santuy-ngopi.com
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
603, 617, 617, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 11:00:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
21201b0de09792f91f6f41d6992d6de5
cf-ray
6ed172a988638099-NRT
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dexter-gift.santuy-ngopi.com/
Origin
http://dexter-gift.santuy-ngopi.com
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
603
access-control-allow-origin
*
cdn-cachedat
02/22/2022 19:16:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
13318def87862d6f762f48c0d9975c7d
cf-ray
6ed172a988628099-NRT
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
637, 617, 617
age
22369702
cdn-cachedat
2021-06-08 12:29:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2b11b82c7ff9f60656e875c7af055eda
cf-ray
6ed172a98ae93408-NRT
cdn-requestcountrycode
AU
cdn-requestpullsuccess
True
88bf2cd9da2e3b94962d5d741979226b.gif
userscontent2.emaze.com/images/bf46be59-4fc0-43b5-b751-d654d52860ba/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://userscontent2.emaze.com/images/bf46be59-4fc0-43b5-b751-d654d52860ba/88bf2cd9da2e3b94962d5d741979226b.gif
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:10c:c88c:512a:3124:2bde:8038 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
UploadServer /
Resource Hash
98271d6681e53ee3df365603eefad38a31a196647e0288559bc2f069b0f0a37b

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-guploader-uploadid
ADPycdu71kL1v1vqGWL-KFBZJde9vKFWDc0oHvkOpKcJImQtap_X4wFP5ReCuMljRjQEq31E5Z37oBilpj5YiD-S8IuiIBD6Ig
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
8811
last-modified
Tue, 26 Feb 2019 08:43:20 GMT
server
UploadServer
etag
"88bf2cd9da2e3b94962d5d741979226b"
vary
Origin
x-goog-hash
crc32c=cEddqQ==, md5=iL8s2douO5SWLV10GXkiaw==
x-goog-generation
1551170600518536
cache-control
public, max-age=3600
x-goog-stored-content-length
8811
accept-ranges
bytes
content-type
image/gif
expires
Thu, 17 Mar 2022 01:00:23 GMT
Zp3W7TR.gif
i.imgur.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Zp3W7TR.gif
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b0f4540948cd64a5952d75875c42dc63bfb56713ee9811684c3891c142c420b0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
age
2144575
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
1186651
x-served-by
cache-iad-kiad7000133-IAD, cache-lax10651-LGB
last-modified
Tue, 28 Sep 2021 23:54:18 GMT
server
cat factory 1.0
x-timer
S1647475223.541284,VS0,VE5
etag
"fd100ed0474355822c5f2a2bbd64e07e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
AVvXsEi16kw6DVkducDA_sG-FAJGU4Rz1lOMr12yvdo8YAntUqYs9OBzwZifcMOM8xVcU3iUlBDjo8KBWptO0BNtfILvO3sA6k6WquvnzJ5ijpOnKYGZhXNF68rhy1FYPgPYFXpg3cMRXZL8XAjYoLfarvH8UuXU3PoxBaWpL8clsFkJ1Bw_A8N9xBGPrJpSDQ=w6...
blogger.googleusercontent.com/img/a/
Redirect Chain
  • https://bit.ly/3yH4txo
  • https://blogger.googleusercontent.com/img/a/AVvXsEi16kw6DVkducDA_sG-FAJGU4Rz1lOMr12yvdo8YAntUqYs9OBzwZifcMOM8xVcU3iUlBDjo8KBWptO0BNtfILvO3sA6k6WquvnzJ5ijpOnKYGZhXNF68rhy1FYPgPYFXpg3cMRXZL8XAjYoLfar...
49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEi16kw6DVkducDA_sG-FAJGU4Rz1lOMr12yvdo8YAntUqYs9OBzwZifcMOM8xVcU3iUlBDjo8KBWptO0BNtfILvO3sA6k6WquvnzJ5ijpOnKYGZhXNF68rhy1FYPgPYFXpg3cMRXZL8XAjYoLfarvH8UuXU3PoxBaWpL8clsFkJ1Bw_A8N9xBGPrJpSDQ=w621-h326
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
682eb98c15332f008813c2ac81a43da8ed9b7e9fe0dd8bb2ae66cf2c56481459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v82"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="WhatsApp Image 2021-11-28 at 21.11.24.jpeg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50654
x-xss-protection
0
expires
Fri, 18 Mar 2022 00:00:22 GMT

Redirect headers

content-security-policy
referrer always;
via
1.1 google
referrer-policy
unsafe-url
server
nginx
date
Thu, 17 Mar 2022 00:00:22 GMT
content-type
text/html; charset=utf-8
location
https://blogger.googleusercontent.com/img/a/AVvXsEi16kw6DVkducDA_sG-FAJGU4Rz1lOMr12yvdo8YAntUqYs9OBzwZifcMOM8xVcU3iUlBDjo8KBWptO0BNtfILvO3sA6k6WquvnzJ5ijpOnKYGZhXNF68rhy1FYPgPYFXpg3cMRXZL8XAjYoLfarvH8UuXU3PoxBaWpL8clsFkJ1Bw_A8N9xBGPrJpSDQ=w621-h326
cache-control
private, max-age=90
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
aQjRp8q.png
i.imgur.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/aQjRp8q.png
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8c086db91166da615a5b577a652011b6d152c78c78280c88acab2ade41296767
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
age
1877146
x-cache
HIT, HIT
content-length
21237
x-served-by
cache-iad-kiad7000177-IAD, cache-lax10651-LGB
last-modified
Fri, 08 Oct 2021 01:51:24 GMT
server
cat factory 1.0
x-timer
S1647475223.541345,VS0,VE2
etag
"b675d305573efb7cb498ab49968c08d1"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
1E1RrzT.png
i.imgur.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/1E1RrzT.png
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
36a1eb443e2df2cd366843e5fc4401d1d76f6ea152565278e58d7d8a4c62c0ca
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
age
3164996
x-cache
HIT, HIT
content-length
13741
x-served-by
cache-iad-kiad7000137-IAD, cache-lax10651-LGB
last-modified
Fri, 08 Oct 2021 01:53:35 GMT
server
cat factory 1.0
x-timer
S1647475223.541482,VS0,VE2
etag
"e14d0ec201e50e480cede6b53636bd0e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
wfPwX3E.png
i.imgur.com/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/wfPwX3E.png
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b22842737e6d2c5032e59af9137591e9b68908aefac3283123bce1e289778c8c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
age
66483
x-cache
HIT, HIT
content-length
75288
x-served-by
cache-iad-kjyo7100047-IAD, cache-lax10651-LGB
last-modified
Fri, 08 Oct 2021 01:40:31 GMT
server
cat factory 1.0
x-timer
S1647475223.541529,VS0,VE2
etag
"cbb06929267f3624d056e998976547ef"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
FDoPEB0.png
i.imgur.com/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/FDoPEB0.png
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.24.193 Los Angeles, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
dc8f4852694166f4384257b4c0972514a8a43543ae2094cd3d0627ebe291328c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
age
2465085
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
173839
x-served-by
cache-iad-kiad7000084-IAD, cache-lax10651-LGB
last-modified
Thu, 07 Oct 2021 06:30:05 GMT
server
cat factory 1.0
x-timer
S1647475223.541442,VS0,VE2
etag
"719d28f0c38fcf5f29b86cdef2b626dd"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
efek-salju-2.js
cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/
Redirect Chain
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju-2.js
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju-2.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju-2.js
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fdfd72eedc7471dc2fde498180954eeb42ccddd83430149f33e75f6dd5a675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
19092
x-jsd-version
2a7805c7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-tyo11983-TYO
timing-allow-origin
*
x-jsd-version-type
branch
server
cloudflare
etag
W/"24f3-iBZqLWu2X1pvvWf6yIihYey4cTw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ed172aab97f3469-NRT

Redirect headers

date
Thu, 17 Mar 2022 00:00:22 GMT
x-content-type-options
nosniff
cdn-edgestorageid
600
age
65208
access-control-expose-headers
*
x-cache
MISS, HIT
cdn-cachedat
03/17/2022 00:00:22
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
108
server
BunnyCDN-JP1-600
x-served-by
cache-fra19155-FRA, cache-chi-kigq8000158-CHI
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-requestpullcode
301
location
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju-2.js
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
cdn-cache
EXPIRED
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
a676f15c683f12421ac1ea2c843e370b
timing-allow-origin
*
cdn-requestcountrycode
NL
cdn-status
301
cdn-requestpullsuccess
True
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.NnK9YPjtg-w.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9KePDGVlGjp-rlXwDM1kUO2Eh4gg/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.NnK9YPjtg-w.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9KePDGVlGjp-rlXwDM1kUO2Eh4gg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
060c781637b103bea9893e18a67340d20056d8c8c0382d8153d750a3f57a0494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52394
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Mar 2023 22:46:14 GMT
233733.gif
respect-mag.com/wp-content/uploads/2020/10/ 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://respect-mag.com/wp-content/uploads/2020/10/233733.gif
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.167.53.220 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
ip-72-167-53-220.ip.secureserver.net
Software
nginx / PleskLin
Resource Hash
3942b922ee00f7a942e798f4b3b680ab3eeceb98b6016dadaa044beceebcedc8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:23 GMT
last-modified
Sat, 17 Oct 2020 15:53:04 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f8b1360-31086"
content-type
image/gif
accept-ranges
bytes
content-length
200838
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 23:51:48 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
14063
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
x-iplb-request-id
1FCC91AB:DBA6_2E69C9F0:0050_62327A17_3ABCE:1EC88
content-length
4547
x-request-id
811632224
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4012:2::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://dexter-gift.santuy-ngopi.com
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 00:12:34 GMT
x-content-type-options
nosniff
age
604068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Mar 2023 00:12:34 GMT
0.php
s4.histats.com/stats/ 		376 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4626774&@f16&@g1&@h1&@i1&@j1647475223301&@k0&@l1&@m%E2%9D%A3%20Ellen%20DeGeneres%20Gift!%20%E2%9D%A3%20DEXTERRR&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-90672153&@b3:1647475223&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 Brossard, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 00:00:23 GMT
Connection
close
Content-Length
376
Content-Type
text/html;charset=UTF-8
cc_511.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_511.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 23:58:29 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"1364484781"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
bhs
accept-ranges
bytes
content-length
5984
x-request-id
163905766
/
e.dtscout.com/e/
Redirect Chain
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
  • https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
HTTP/1.1
Server
158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-158-69-139.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
154d5df42cb15b71e49ef4cc7b31c6397abf3e78e7f472ff241047338e7bfced

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 00:00:24 GMT
X-T
0.61
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Thu, 17 Mar 2022 00:00:23 GMT

Redirect headers

Location
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Date
Thu, 17 Mar 2022 00:00:24 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
194
Content-Type
text/html
/
t.dtscout.com/idg/ Frame 4B64 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D001647475224277FABD58E662016F7
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ec23b4d336e3642b052d28c2aef99281967da2279c0c277632eb18c4d4027364

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 17 Mar 2022 00:00:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 17 Mar 2022 00:00:24 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.183.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-183-71.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
80814
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 db3d90fd7e6c6a16b47e88be13e9768c.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 16 Mar 2022 01:33:32 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
Itv3BwUVyzWKhO2sTAV2n97_fd-qELz4Srsv-RB9i6hDoSOUIo09fQ==
/
t.dtscout.com/pv/ 		50 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=dexter-gift.santuy-ngopi.com&_ss=1zr5yie0gw&_pv=1&_ls=0&_u1=1&_u3=1&_cc=jp&_pl=d&_cbid=3db9&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e084014307a195ff2f89a59fbbbd9658b1e9ee3dfef80f57f65d3f52773ebe7a

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 00:00:25 GMT
X-T
0.15
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Thu, 17 Mar 2022 00:00:24 GMT
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.200.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-200-111.nrt57.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:00:25 GMT
via
1.1 fe707d17f9bf2bbec18e874a73b8a21a.cloudfront.net (CloudFront), 1.1 880e379e1a56b21426587959131bb422.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C3, NRT57-P3
x-amzn-requestid
9f302d15-09f4-472d-9a70-d3adb8cb6e8e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
PGgEBGffiYcFb5A=
content-length
555
x-amz-cf-id
OxvsAYMq4whwk2qt3BwcJufwOBXG-buLnCtSo1ii0XUXIDpyL3Xsig==
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.181.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-181-21.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 21:09:10 GMT
content-encoding
gzip
etag
W/"e8e52baa0cf6ccb764f317323674bacd"
last-modified
Wed, 23 Feb 2022 22:03:02 GMT
server
AmazonS3
age
10276
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
NRT57-P2
x-amz-cf-id
liiANBDDJpo4Zt18Nu7eX8Yibf0MR9BclQ7BG9h4CfQtwIupVtuHQw==
/
t.dtscdn.com/widget/ 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D001647475224277FABD58E662016F7&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&r=
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 23:42:31 GMT
X-T
0.78
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Wed, 16 Mar 2022 23:42:30 GMT
27675
tags.bluekai.com/site/ 		62 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27675?id=6D001647475224277FABD58E662016F7&ret=html&phint=__bk_t%3D%E2%9D%A3%20Ellen%20DeGeneres%20Gift!%20%E2%9D%A3%20DEXTERRR&phint=__bk_l%3Dhttp%3A%2F%2Fdexter-gift.santuy-ngopi.com%2F&r=92026989
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.5.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-5-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 00:00:26 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
9edc
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
ps.eyeota.net/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001647475224277FABD58E662016F7
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=450f730e65c0449aaf2f83b19dafbf62&gdpr=1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_co...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gd...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=c83e9d7242f1a86076261f41704f6116&gdpr=1&gdpr_consent=${gdpr_consent}
  • https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgi...
  • https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d6958a8dfa1edb0d
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d6958a8dfa1edb0d
Requested by
Host: dexter-gift.santuy-ngopi.com
URL: http://dexter-gift.santuy-ngopi.com/
Protocol
HTTP/1.1
Server
18.177.116.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
http://dexter-gift.santuy-ngopi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 00:00:28 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d6958a8dfa1edb0d
content-length
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.181.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-181-21.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
http://dexter-gift.santuy-ngopi.com/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 00:00:30 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 22:03:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
rs3lXfaRpxbR-rVWaKalK9K3tdpoHRjHuIo1I91QwSqV-n6lAGtsOA==
via
1.1 aaaa38f6638fefc2221f20ff18eceef2.cloudfront.net (CloudFront)
data
bcp.crwdcntrl.net/6/ 		20 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.161.92 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
http://dexter-gift.santuy-ngopi.com/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 00:00:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://dexter-gift.santuy-ngopi.com
expires
0
cache-control
no-cache
x-server
10.42.7.221
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| setAttributeOnload object| gapi object| ___jsl function| $ function| jQuery object| jQuery1121024412673892079195 function| redirectCU function| redirectKK function| showAd string| message function| clickIE4 function| clickNS4 object| snowStorm boolean| autoStart boolean| excludeMobile number| flakesMax number| flakesMaxActive number| animationInterval boolean| useGPU object| className object| flakeBottom boolean| followMouse string| snowColor string| snowCharacter boolean| snowStick object| targetElement boolean| useMeltEffect boolean| useTwinkleEffect boolean| usePositionFixed boolean| usePixelPosition boolean| freezeOnBlur number| flakeLeftOffset number| flakeRightOffset number| flakeWidth number| flakeHeight number| vMaxX number| vMaxY number| zIndex object| timer object| flakes boolean| disabled boolean| active number| meltFrameCount object| meltFrames function| setXY object| events function| randomizeWind function| scrollHandler function| resizeHandler function| resizeHandlerAlt function| freeze function| resume function| toggleSnow function| show function| SnowFlake function| snow function| mouseMove function| createSnow function| timerInit function| init function| start object| _Hasync object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| chfh function| chfh2 string| _HST_cntval object| Histats boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_511 function| histats_canvascounters_base.js object| a object| cv object| _dtspv object| __connect object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_fa function| lt3825_ga function| lt3825_ha object| lt3825_ object| lt3825_6 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_e function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_ja function| lt3825_ia function| lt3825_k function| lt3825_l function| lt3825_ka function| lt3825_m function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_oa function| lt3825_la function| lt3825_ma function| lt3825_s function| lt3825_na function| lt3825_t function| lt3825_u function| lt3825_v function| lt3825_r function| lt3825_w function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_pa function| lt3825_A function| lt3825_B function| lt3825_qa function| lt3825_C function| lt3825_D function| lt3825_E function| lt3825_ra function| lt3825_G function| lt3825_H function| lt3825_F function| lt3825_sa function| lt3825_I function| lt3825_J function| lt3825_ta function| lt3825_ua function| lt3825_K function| lt3825_va function| lt3825_wa function| lt3825_xa function| lt3825_Ba function| lt3825_ya function| lt3825_za function| lt3825_Aa function| lt3825_Ca function| lt3825_Ea function| lt3825_Da function| lt3825_L function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_M function| lt3825_N function| lt3825_O function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_2 function| lt3825_Oa function| lt3825_Qa function| lt3825_Pa function| lt3825_3 function| lt3825_Ra function| lt3825_1 function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_4 function| lt3825_5 function| lt3825_Ya function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_7 function| lt3825_8 function| lt3825_8a function| lt3825_9a function| lt3825_7a function| lt3825_6a function| lt3825_ab function| lt3825_$a function| lt3825_cb function| lt3825_bb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_kb function| lt3825_nb function| lt3825_mb function| lt3825_jb function| lt3825_qb function| lt3825_lb function| lt3825_ob function| lt3825_sb function| lt3825_rb function| lt3825_tb function| lt3825_pb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_9 function| lt3825_xb function| lt3825_yb function| lt3825_zb function| lt3825_Ab function| lt3825_Bb function| lt3825_$ function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_Gb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Hb

17 Cookies

Domain/Path Name / Value
dexter-gift.santuy-ngopi.com/ Name: HstCfa4626774
Value: 1647475223301
dexter-gift.santuy-ngopi.com/ Name: HstCla4626774
Value: 1647475223301
dexter-gift.santuy-ngopi.com/ Name: HstCmu4626774
Value: 1647475223301
dexter-gift.santuy-ngopi.com/ Name: HstPn4626774
Value: 1
dexter-gift.santuy-ngopi.com/ Name: HstPt4626774
Value: 1
dexter-gift.santuy-ngopi.com/ Name: HstCnv4626774
Value: 1
dexter-gift.santuy-ngopi.com/ Name: HstCns4626774
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1647475224
.dtscout.com/ Name: l
Value: 6D001647475224277FABD58E662016F7
.santuy-ngopi.com/ Name: __dtsu
Value: 6D001647475224277FABD58E662016F7
.santuy-ngopi.com/ Name: lotame_domain_check
Value: santuy-ngopi.com
.dtscdn.com/ Name: uid
Value: 6D001647475224277FABD58E662016F7
.onaudience.com/ Name: cookie
Value: 22aa05b2ab5e5096
.onaudience.com/ Name: done_redirects161
Value: 1

1 Console Messages

Source Level URL
Text
rendering error URL: http://dexter-gift.santuy-ngopi.com/(Line 412)
Message:
Error: <path> attribute d: Expected moveto path command ('M' or 'm'), "DEXTERRR2.031 35…".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
bcp.crwdcntrl.net
bit.ly
blogger.googleusercontent.com
cdn.jsdelivr.net
cdn.rawgit.com
dexter-gift.santuy-ngopi.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
i.imgur.com
loada.exelator.com
maxcdn.bootstrapcdn.com
onetag-geo.s-onetag.com
pixel.onaudience.com
ps.eyeota.net
respect-mag.com
s10.histats.com
s4.histats.com
sync.crwdcntrl.net
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
userscontent2.emaze.com
www.launchaco.com
13.225.183.71
13.251.231.78
131.153.78.138
138.197.56.196
141.94.170.64
151.101.24.193
158.69.139.226
18.177.116.10
18.65.181.21
18.65.200.111
192.99.13.63
212.102.50.51
23.10.5.240
2404:6800:4004:81d::200a
2404:6800:4004:821::200a
2404:6800:4004:821::200e
2404:6800:4004:826::2001
2404:6800:4012:2::2003
2606:2800:10c:c88c:512a:3124:2bde:8038
2606:4700::6810:5914
2606:4700::6812:acf
3.114.95.219
46.105.201.240
51.89.99.21
52.77.161.92
67.199.248.10
72.167.53.220
99.84.128.52
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
060c781637b103bea9893e18a67340d20056d8c8c0382d8153d750a3f57a0494
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
154d5df42cb15b71e49ef4cc7b31c6397abf3e78e7f472ff241047338e7bfced
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2b22683c7bb6ae6768fcc91875802903e0ce108bba5af436b821cc1780ad74bc
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
36a1eb443e2df2cd366843e5fc4401d1d76f6ea152565278e58d7d8a4c62c0ca
3942b922ee00f7a942e798f4b3b680ab3eeceb98b6016dadaa044beceebcedc8
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
682eb98c15332f008813c2ac81a43da8ed9b7e9fe0dd8bb2ae66cf2c56481459
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262
8c086db91166da615a5b577a652011b6d152c78c78280c88acab2ade41296767
90fdfd72eedc7471dc2fde498180954eeb42ccddd83430149f33e75f6dd5a675
98271d6681e53ee3df365603eefad38a31a196647e0288559bc2f069b0f0a37b
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
b0f4540948cd64a5952d75875c42dc63bfb56713ee9811684c3891c142c420b0
b22842737e6d2c5032e59af9137591e9b68908aefac3283123bce1e289778c8c
bdecf0171609fc54f6b4ce8c8f03cc67f4fbe8f8e01fa3ef5782c7802e9c9c6a
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
dc8f4852694166f4384257b4c0972514a8a43543ae2094cd3d0627ebe291328c
e084014307a195ff2f89a59fbbbd9658b1e9ee3dfef80f57f65d3f52773ebe7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec23b4d336e3642b052d28c2aef99281967da2279c0c277632eb18c4d4027364
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc8bdef3f522588182f028f48a25bb333560d5316105c072de946111c5834b8f
fe3fd5ca8d8d6dcdbaf3384e7c92183d21ee8faefffaa483c11153d48d5556bf