urlscan.io logo urlscan.io
SecurityTrails logo

bestdeals.evtottav.com Open in urlscan Pro
173.249.51.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://bestdeals.evtottav.com/
Submission Tags: @phishunt_io
Submission: On May 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 173.249.51.35, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is bestdeals.evtottav.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 5th 2022. Valid for: 3 months.
This is the only time bestdeals.evtottav.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 173.249.51.35 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
12 192.0.72.23 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
26 4
Apex Domain
Subdomains		 Transfer
12 wordpress.com
gofshop.files.wordpress.com
550 KB
12 evtottav.com
bestdeals.evtottav.com
137 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
1 KB
26 4
Domain Requested by
12 gofshop.files.wordpress.com bestdeals.evtottav.com
12 bestdeals.evtottav.com bestdeals.evtottav.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com bestdeals.evtottav.com
26 4

This site contains links to these domains. Also see Links.

Domain
amzn.to
wordpress.org
Subject Issuer Validity Valid
bestdeals.evtottav.com
cPanel, Inc. Certification Authority		 2022-05-05 -
2022-08-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-28 -
2023-01-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bestdeals.evtottav.com/
Frame ID: F48EA896574335B93F591D8B51FAB1F8
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Deals – Find best shopping deals

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

715 kB
Transfer

981 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bestdeals.evtottav.com/ 		73 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
8d5a7759966a42f5e9f2a23e16a7fb86d0b7b1c1e498c0891d6719c94eb76dbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 May 2022 03:07:11 GMT
link
<https://bestdeals.evtottav.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
style.min.css
bestdeals.evtottav.com/wp-includes/css/dist/block-library/ 		53 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.9
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:11 GMT
content-encoding
br
last-modified
Tue, 01 Sep 2020 23:42:42 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7455
expires
Fri, 13 May 2022 03:07:11 GMT
theme.min.css
bestdeals.evtottav.com/wp-includes/css/dist/block-library/ 		2 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.9
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:11 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 12:27:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
635
expires
Fri, 13 May 2022 03:07:11 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
480bfc9a6411ac64464470148379a1cde58fa6b5eb78efbb6334e6620d0e9b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 May 2022 01:11:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 06 May 2022 03:07:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 May 2022 03:07:12 GMT
style.css
bestdeals.evtottav.com/wp-content/themes/twentyseventeen/ 		86 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-content/themes/twentyseventeen/style.css?ver=20190507
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
be79cd5fa4e9cb9956cc1643740b41c0ea7758c9e55e8f76ad4524a585795f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:11 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 12:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15266
expires
Fri, 13 May 2022 03:07:11 GMT
blocks.css
bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20190105
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
8851c4eff7c025edc379ed3d6f62dbba14afeb88261ad9bf4e1eb47ca5682a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:11 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 12:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1761
expires
Fri, 13 May 2022 03:07:11 GMT
jquery.js
bestdeals.evtottav.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:11 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 03:55:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
32853
expires
Fri, 13 May 2022 03:07:11 GMT
cropped-cover-picture-evtottav.jpg
bestdeals.evtottav.com/wp-content/uploads/2020/08/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestdeals.evtottav.com/wp-content/uploads/2020/08/cropped-cover-picture-evtottav.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
4174ccaa6641e9737dbe63e76a386b2c438f63ac34164cef3e1ca38ed7f6d538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:12 GMT
last-modified
Fri, 14 Aug 2020 12:48:29 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49669
expires
Fri, 13 May 2022 03:07:12 GMT
metal-band-ring-2.jpg
gofshop.files.wordpress.com/2020/07/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/metal-band-ring-2.jpg?w=512
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7f621ab426d3ec1aa1be03149ce7e035663e145300ffc8a68594906f4f9aee5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 17:46:39 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
20284
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 03:09:19 GMT
amazon40buybest-1.png
gofshop.files.wordpress.com/2020/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/amazon40buybest-1.png?w=355
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
002e0a238e1d7012a5e65ee33f646665bf372f0b7f1e84a60f58f1e283cc1464
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 17:47:15 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
4054
access-control-allow-credentials
true
expires
Sat, 04 Jun 2022 04:36:58 GMT
timex-ironman-watch-1.jpg
gofshop.files.wordpress.com/2020/07/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/timex-ironman-watch-1.jpg?w=512
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bf1641cc19753682abc80affa224e38c4dd82b258d41673f3e3622a007d37112
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:58:13 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
37044
access-control-allow-credentials
true
expires
Mon, 30 May 2022 17:22:26 GMT
amazon40buybest-1.png
gofshop.files.wordpress.com/2020/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/amazon40buybest-1.png
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9d133ed566840fb0be61f3b1c09f3f3f91b42693f48ffd613d0e287dc80ae4c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 17:47:15 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/png
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
6414
expires
Fri, 03 Jun 2022 05:09:54 GMT
tide-detergent-pods-1.jpg
gofshop.files.wordpress.com/2020/07/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/tide-detergent-pods-1.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d6574114fe8da90ed2f6ad940acbfa31466a1c8765fd47a11b3362b7a5fbaa5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:58:02 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
101693
expires
Thu, 09 Jun 2022 05:23:13 GMT
victorinox-swiss-watch-1.jpg
gofshop.files.wordpress.com/2020/07/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/victorinox-swiss-watch-1.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cb3fb9fdd6cd7c7b105741e3a765197cb26ea7fcd82b030071a81530c0dedbb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:59:12 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
53659
expires
Fri, 27 May 2022 11:58:34 GMT
green-gemstone-leverback-earrings-1.jpg
gofshop.files.wordpress.com/2020/07/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/green-gemstone-leverback-earrings-1.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c6cd037d93a127f18045032c958302f52ccc6f728da0bb995a1daf218c37ab60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:50:16 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
34982
expires
Fri, 27 May 2022 23:33:51 GMT
wp-emoji-release.min.js
bestdeals.evtottav.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:12 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 11:31:17 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4316
expires
Fri, 13 May 2022 03:07:12 GMT
vostok-amphibian-military-diver-1.jpg
gofshop.files.wordpress.com/2020/07/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/vostok-amphibian-military-diver-1.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4208947893bb5d56b39a404f5797d8690b371525012df47b6527344d257fda1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:59:15 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
64794
expires
Sun, 05 Jun 2022 20:49:40 GMT
hawaiian-colorful-mask-1.jpg
gofshop.files.wordpress.com/2020/07/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/hawaiian-colorful-mask-1.jpg?w=512
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2a88a8288b4399769491ab6eb12bc80d452911f60176ec23b0ebcdf37bb3f1a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:50:44 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
40100
access-control-allow-credentials
true
expires
Sun, 29 May 2022 20:28:19 GMT
ten-pieces-surgical-face-mask-1.jpg
gofshop.files.wordpress.com/2020/07/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/ten-pieces-surgical-face-mask-1.jpg?w=512
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
579136c446710abffb04ef6f93f73cd435d6b013c70fcca0e68ec4f541b9d4b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:57:52 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
46314
access-control-allow-credentials
true
expires
Sat, 28 May 2022 15:08:28 GMT
casio-analog-sport-watch-1.jpg
gofshop.files.wordpress.com/2020/07/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/casio-analog-sport-watch-1.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e2cd1042525f83ca26787f749947b8e0e45d65842937bbfc64c1b675e88afa4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:44:30 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
71635
expires
Tue, 31 May 2022 07:55:49 GMT
timex-womens-indiglo-1.jpg
gofshop.files.wordpress.com/2020/07/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofshop.files.wordpress.com/2020/07/timex-womens-indiglo-1.jpg
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
418e6e422c78f4fad4e8aa099ece34f536a9226e5aaf294a2f529885eaf1cc84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-nc
HIT hhn 23 np
date
Fri, 06 May 2022 03:07:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Jul 2020 15:58:18 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://gofshop.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
80336
expires
Wed, 01 Jun 2022 06:57:56 GMT
skip-link-focus-fix.js
bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/js/ 		714 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
ee30de0a826081966aa58bd563d92e80a28a2af7415ad440889ddc1c0a3b5ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:11 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 12:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
332
expires
Fri, 13 May 2022 03:07:11 GMT
global.js
bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
ce00bac9e4014a04802579175ba9a5f162e2077c09688fdddecde8009dab4bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:12 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 12:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2415
expires
Fri, 13 May 2022 03:07:12 GMT
jquery.scrollTo.js
bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
1d0d5d17bf621ae0c14ccb13a283d574d1e4e2cbbc459c6d8dbe6b1bd5ad9bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:12 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 12:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2264
expires
Fri, 13 May 2022 03:07:12 GMT
wp-embed.min.js
bestdeals.evtottav.com/wp-includes/js/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdeals.evtottav.com/wp-includes/js/wp-embed.min.js?ver=5.5.9
Requested by
Host: bestdeals.evtottav.com
URL: https://bestdeals.evtottav.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.249.51.35 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server2.whmcpanels.com
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestdeals.evtottav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:07:12 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 11:31:17 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
663
expires
Fri, 13 May 2022 03:07:12 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v12/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v12/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestdeals.evtottav.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 17:51:54 GMT
x-content-type-options
nosniff
age
206118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27240
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 17:51:54 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _wpemojiSettings undefined| $ function| jQuery object| twentyseventeenScreenReaderText object| jQuery11240025843908158841078 object| wp object| twemoji

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bestdeals.evtottav.com
fonts.googleapis.com
fonts.gstatic.com
gofshop.files.wordpress.com
173.249.51.35
192.0.72.23
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
002e0a238e1d7012a5e65ee33f646665bf372f0b7f1e84a60f58f1e283cc1464
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
1d0d5d17bf621ae0c14ccb13a283d574d1e4e2cbbc459c6d8dbe6b1bd5ad9bfc
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2a88a8288b4399769491ab6eb12bc80d452911f60176ec23b0ebcdf37bb3f1a2
3d6574114fe8da90ed2f6ad940acbfa31466a1c8765fd47a11b3362b7a5fbaa5
4174ccaa6641e9737dbe63e76a386b2c438f63ac34164cef3e1ca38ed7f6d538
418e6e422c78f4fad4e8aa099ece34f536a9226e5aaf294a2f529885eaf1cc84
4208947893bb5d56b39a404f5797d8690b371525012df47b6527344d257fda1d
480bfc9a6411ac64464470148379a1cde58fa6b5eb78efbb6334e6620d0e9b19
579136c446710abffb04ef6f93f73cd435d6b013c70fcca0e68ec4f541b9d4b3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
8851c4eff7c025edc379ed3d6f62dbba14afeb88261ad9bf4e1eb47ca5682a0a
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8d5a7759966a42f5e9f2a23e16a7fb86d0b7b1c1e498c0891d6719c94eb76dbe
9d133ed566840fb0be61f3b1c09f3f3f91b42693f48ffd613d0e287dc80ae4c0
b7f621ab426d3ec1aa1be03149ce7e035663e145300ffc8a68594906f4f9aee5
be79cd5fa4e9cb9956cc1643740b41c0ea7758c9e55e8f76ad4524a585795f78
bf1641cc19753682abc80affa224e38c4dd82b258d41673f3e3622a007d37112
c6cd037d93a127f18045032c958302f52ccc6f728da0bb995a1daf218c37ab60
cb3fb9fdd6cd7c7b105741e3a765197cb26ea7fcd82b030071a81530c0dedbb5
ce00bac9e4014a04802579175ba9a5f162e2077c09688fdddecde8009dab4bf4
e2cd1042525f83ca26787f749947b8e0e45d65842937bbfc64c1b675e88afa4d
ee30de0a826081966aa58bd563d92e80a28a2af7415ad440889ddc1c0a3b5ef5
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb