everythinggoesales.shop Open in urlscan Pro
18.66.122.75  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request content.html Show response everythinggoesales.shop/ps/hu/13/fa1/lp7/	8 KB 3 KB	157ms 101ms	Document text/html	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 66c95648e72dd4b94d137f6ecb4302aedfeb3fdcc3465266632262525fd97412 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers content-encoding br content-type text/html date Sat, 03 Dec 2022 14:44:22 GMT etag W/"31003ebc77672e9f607a2cf373af204a" expires 604800 last-modified Fri, 09 Sep 2022 08:18:04 GMT server AmazonS3 vary Accept-Encoding via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) x-amz-cf-id i-coetgWdzfqJ1qKXZyt5yuQRs6MKNmhGBh3CCR4CZCAUCzA4WMdVQ== x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Thu, 31 Mar 2022 02:55:07 GMT x-cache RefreshHit from cloudfront
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 33 KB	89ms 25ms	Script text/javascript	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 06:38:32 GMT content-encoding gzip x-content-type-options nosniff age 29149 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32954 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 03 Dec 2023 06:38:32 GMT
GET H2	200	app.css everythinggoesales.shop/ps/hu/13/fa1/lp7/	33 B 426 B	134ms 132ms	Stylesheet text/css	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/app.css Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240 Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Fri, 16 Oct 2020 17:32:26 GMT etag "c588c17324f2be0e0ec90a18f39e7d7c" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css accept-ranges bytes content-length 33 x-amz-cf-id X-BzfANKv4b24qh6ttTiO64hRe2fwnnWp22Rnk6QAc1SNdMaeRurxA== expires 604800
GET H2	200	app1.css everythinggoesales.shop/ps/hu/13/fa1/lp7/	3 KB 1 KB	121ms 119ms	Stylesheet text/css	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/app1.css Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c534ff298045425659928296b2f7fca2bf91906a480fec84e9424207df51600f Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT content-encoding br via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Fri, 16 Oct 2020 17:32:31 GMT etag W/"84fcbbbd0f6076832e48ea72339965c6" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css x-amz-cf-id B1ue7z2yWAulgbZx_xlMW3l5Nw7zaigqWdU8Jyi_W0dqYuO4eTJbGg== expires 604800
GET H2	200	default@0.75x.png everythinggoesales.shop/ps/hu/13/fa1/lp7/	63 KB 64 KB	102ms 99ms	Image image/png	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/default@0.75x.png Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 2346f74723d0c9a968aad0aee686d909e834e8a8b3e978d8d4bb9355057b0164 Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Wed, 09 Feb 2022 08:12:27 GMT etag "053ae3610b62674f6ba4860df68be104" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 65022 x-amz-cf-id 3TgaQ5KtADs2CBJSmQUuWW_VAbEUH8qdZ1I-Gj9S-fqkFypPjrAdPA== expires 604800
GET H2	200	checked.png everythinggoesales.shop/ps/hu/13/fa1/lp7/	1 KB 2 KB	128ms 126ms	Image image/png	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/checked.png Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Fri, 16 Oct 2020 17:33:26 GMT etag "b9a9e340bb886b125b3f43f6fe456c0d" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 1502 x-amz-cf-id 4pZU13iKz6aVeQJeL-2_pUdL5G8FX2f2a5IhOY5tUgOUhKElOv_-Xg== expires 604800
GET H2	200	spinner.gif everythinggoesales.shop/ps/hu/13/fa1/lp7/	2 KB 2 KB	126ms 124ms	Image image/gif	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/spinner.gif Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:05 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Fri, 16 Oct 2020 17:33:59 GMT etag "907e5277285e5c4d1cfdf2ecc2332c53" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/gif accept-ranges bytes content-length 1569 x-amz-cf-id 0A-WSh078rHfDJM3OkRDrcdjxbQzBhDsUf1DIsWvzWDE03EPbzwJpQ== expires 604800
GET H2	200	app.js Show response everythinggoesales.shop/ps/hu/13/fa1/lp7/	977 B 1 KB	154ms 153ms	Script application/x-javascript	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/app.js Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 1bd25e467ea078265aee433e0cf9732a7e127514304634590a2de17fb2330896 Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Fri, 16 Oct 2020 17:34:07 GMT etag "15b1bae461854d516179a34a8c9b5f08" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/x-javascript accept-ranges bytes content-length 977 x-amz-cf-id qmGsXEnjJTVbqo9COVtc56_UxiTlo0yD1mUnJimEjEOYn9YZgEX3Lw== expires 604800
GET H2	200	app1.js Show response everythinggoesales.shop/ps/hu/13/fa1/lp7/	293 KB 57 KB	134ms 134ms	Script application/x-javascript	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://everythinggoesales.shop/ps/hu/13/fa1/lp7/app1.js Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c1bff5d134700d88a8b69ccd0d7e2ee6b40b35d458b7d0fe042492f253531c3b Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT content-encoding br via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) last-modified Fri, 09 Sep 2022 08:18:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 x-amz-meta-cb-modifiedtime Thu, 31 Mar 2022 02:55:07 GMT etag W/"09c8a1cb6a6c7f8d119e5528256698cd" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/x-javascript x-amz-cf-id E-Nt91QLHUeXrHIr5-VLbNG8f3kmeMtg7pY9wv3KUJ8HZh0oJgm2dQ== expires 604800
GET H2	200	tag.min.js Show response gloophoa.net/pfe/current/	14 KB 6 KB	254ms 34ms	Script application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/pfe/current/tag.min.js?z=3553227&ymid=null&var=null Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash f28c7f29111515de23861d74072c7f60e4a06965c91476e8d7d3409062d9d358 Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Sat, 03 Dec 2022 14:44:21 GMT content-encoding gzip last-modified Thu, 01 Dec 2022 15:42:47 GMT server nginx etag W/"6388cb77-390a" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	93ms 35ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Pacifico&display=swap Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/app1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 00b6294afc61ef4bc202f191b68fffc31d344395ac3ce8d6c4fc8d0e4a25a399 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 03 Dec 2022 14:44:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 03 Dec 2022 14:42:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 03 Dec 2022 14:44:21 GMT
GET H2	200	zone Show response gloophoa.net/	721 B 1013 B	21ms 21ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/zone?pub=0&zone_id=3553227&is_mobile=false&domain=everythinggoesales.shop&var=null&ymid=null&var_3= Requested by Host: gloophoa.net URL: https://gloophoa.net/pfe/current/tag.min.js?z=3553227&ymid=null&var=null Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 0eb604902a137668b59b9455a41d18292095f1eb4508340eac0977a9388f1051 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers x-trace-id 444e918b6214c3e8d32cda90d344fc08 date Sat, 03 Dec 2022 14:44:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://everythinggoesales.shop access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 721
GET H2	200	universal.min.js Show response gloophoa.net/pfe/current/	99 KB 33 KB	79ms 40ms	Fetch application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/pfe/current/universal.min.js?v=3.1.409 Requested by Host: gloophoa.net URL: https://gloophoa.net/pfe/current/tag.min.js?z=3553227&ymid=null&var=null Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3abef6168f06a92edfc05945cd2336f3ba3bb2719c3380393ec498e755c97fb Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers pragma no-cache date Sat, 03 Dec 2022 14:44:21 GMT content-encoding gzip last-modified Thu, 01 Dec 2022 15:42:46 GMT server nginx etag W/"6388cb76-18c6c" content-type application/javascript access-control-allow-origin https://everythinggoesales.shop cache-control no-cache access-control-allow-credentials true
OPTIONS H2	200	custom gloophoa.net/	0 0	19ms 19ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/custom Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://everythinggoesales.shop Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://everythinggoesales.shop access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sat, 03 Dec 2022 14:44:21 GMT server nginx
OPTIONS H2	200	custom gloophoa.net/	0 0	31ms 31ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/custom Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://everythinggoesales.shop Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://everythinggoesales.shop access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sat, 03 Dec 2022 14:44:21 GMT server nginx
POST H2	200	custom Show response gloophoa.net/	39 B 330 B	21ms 20ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/custom Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://everythinggoesales.shop/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Content-Type application/json Response headers x-trace-id b8fae6f965a81a8d4855b9b7a609583a date Sat, 03 Dec 2022 14:44:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://everythinggoesales.shop access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 39
POST H2	200	custom Show response gloophoa.net/	39 B 329 B	21ms 21ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/custom Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://everythinggoesales.shop/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Content-Type application/json Response headers x-trace-id e172112ef2cc7e0bb8e14b43e396e6a5 date Sat, 03 Dec 2022 14:44:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://everythinggoesales.shop access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 39
OPTIONS H2	200	custom gloophoa.net/	0 0	19ms 19ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/custom Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://everythinggoesales.shop Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://everythinggoesales.shop access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sat, 03 Dec 2022 14:44:21 GMT server nginx
POST H2	200	custom Show response gloophoa.net/	39 B 330 B	20ms 19ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gloophoa.net/custom Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://everythinggoesales.shop/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Content-Type application/json Response headers x-trace-id 62d9562819cb3ebd7557882f1b70e848 date Sat, 03 Dec 2022 14:44:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://everythinggoesales.shop access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 39
GET H2	200	gid.js Show response my.rtmark.net/	65 B 549 B	91ms 32ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=63bbd13c4c7e48ae8c469296b648f221&zoneId=3553227&checkDuplicate=true&ymid=null&var=null Requested by Host: everythinggoesales.shop URL: https://everythinggoesales.shop/ps/hu/13/fa1/lp7/content.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3ab2201457516eddf8ee0cfb1b8a6b361cd48a891172c20138ba5f6fe83d6e6a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://everythinggoesales.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Sat, 03 Dec 2022 14:44:22 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://everythinggoesales.shop access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery function| getUrlParameter undefined| sourceid function| setImmediate function| clearImmediate object| zfgformats object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-20 16:40:14	Name: ID Value: 63bbd13c4c7e48ae8c469296b648f221

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
everythinggoesales.shop
fonts.googleapis.com
gloophoa.net
my.rtmark.net
139.45.195.8
139.45.197.250
18.66.122.75
2a00:1450:4001:806::200a
2a00:1450:4001:82b::200a
00b6294afc61ef4bc202f191b68fffc31d344395ac3ce8d6c4fc8d0e4a25a399
0eb604902a137668b59b9455a41d18292095f1eb4508340eac0977a9388f1051
1bd25e467ea078265aee433e0cf9732a7e127514304634590a2de17fb2330896
2346f74723d0c9a968aad0aee686d909e834e8a8b3e978d8d4bb9355057b0164
3ab2201457516eddf8ee0cfb1b8a6b361cd48a891172c20138ba5f6fe83d6e6a
66c95648e72dd4b94d137f6ecb4302aedfeb3fdcc3465266632262525fd97412
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
c1bff5d134700d88a8b69ccd0d7e2ee6b40b35d458b7d0fe042492f253531c3b
c534ff298045425659928296b2f7fca2bf91906a480fec84e9424207df51600f
d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e
e3abef6168f06a92edfc05945cd2336f3ba3bb2719c3380393ec498e755c97fb
f28c7f29111515de23861d74072c7f60e4a06965c91476e8d7d3409062d9d358
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881