Submitted URL: https://readynowgo.co/
Effective URL: https://shopping.oneforyou.co/
Submission Tags: phishingrod
Submission: On May 11 via api from DE — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 44 HTTP transactions. The main IP is 18.216.64.231, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is shopping.oneforyou.co.
TLS certificate: Issued by R3 on February 9th 2023. Valid for: 3 months.
This is the only time shopping.oneforyou.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 (1 redirect) | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
1 | 18.216.64.231 | 16509 (AMAZON-02)
22 | 18.66.192.110 | 16509 (AMAZON-02)
5 | 44.212.137.48 | 14618 (AMAZON-AES)
2 | 34.120.184.123 | 396982 (GOOGLE-CL...)
2 | 2a03:2880:f08... | 32934 (FACEBOOK)
1 | 13.249.9.61 | 16509 (AMAZON-02)
4 | 16.12.66.9 | 16509 (AMAZON-02)
1 | 13.249.9.107 | 16509 (AMAZON-02)
1 | 2a03:2880:f17... | 32934 (FACEBOOK)
4 | 188.114.96.3 | 13335 (CLOUDFLAR...)
44 | 11

Requests | Apex Domain | Subdomains | Transfer
22 | spread.name | spread.name — Cisco Umbrella Rank: 863903 | 1 MB
5 | spreadsimple.com | api.spreadsimple.com, stats.spreadsimple.com | 37 KB
4 | showthis.work | imagevideo.showthis.work | 307 KB
4 | amazonaws.com | s3.us-east-2.amazonaws.com | 10 MB
2 | stripe.com | js.stripe.com — Cisco Umbrella Rank: 1088 | 148 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 183 | 73 KB
2 | youengage.me | youengage.me | 142 KB
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 101 | 274 B
1 | oneforyou.co | shopping.oneforyou.co | 805 B
1 | readynowgo.co | readynowgo.co | 504 B
0 | funnelll.com (Failed) | private.funnelll.com (Failed) |
44 | 11

Requests | Domain | Requested by
22 | spread.name | shopping.oneforyou.co, spread.name
4 | imagevideo.showthis.work |
4 | s3.us-east-2.amazonaws.com |
3 | stats.spreadsimple.com | spread.name, stats.spreadsimple.com
2 | js.stripe.com | spread.name, js.stripe.com
2 | connect.facebook.net | shopping.oneforyou.co, connect.facebook.net
2 | youengage.me | spread.name, youengage.me
2 | api.spreadsimple.com | spread.name
1 | www.facebook.com |
1 | shopping.oneforyou.co |
1 | readynowgo.co (1 redirect) |
0 | private.funnelll.com (Failed) | spread.name
44 | 12

This site contains no links.

Subject | Issuer | Validity | Valid
shopping.oneforyou.co | R3 | 2023-02-09 - 2023-05-10 | 3 months
spread.name | Amazon RSA 2048 M02 | 2024-04-24 - 2025-05-24 | a year
api.spreadsimple.com | R3 | 2024-04-17 - 2024-07-16 | 3 months
youengage.me | GTS CA 1D4 | 2024-04-19 - 2024-07-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-18 - 2024-05-18 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-03-27 - 2024-06-27 | 3 months
*.s3.us-east-2.amazonaws.com | Amazon RSA 2048 M01 | 2024-02-29 - 2025-02-12 | a year
stats.spreadsimple.com | R3 | 2024-04-30 - 2024-07-29 | 3 months
showthis.work | GTS CA 1P5 | 2024-04-13 - 2024-07-12 | 3 months

This page contains 2 frames:

Primary Page: https://shopping.oneforyou.co/
Frame ID: 1F9BFBCF8A1E1F6A5126121B58B3CB6B
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 190F624AD6D0475DF9FC011CDAB7F357
Requests: 1 HTTP requests in this frame

Page Title

The Lifetime Software Deals Marketplace

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 44
HTTPS: 95 %
IPv6: 27 %
Domains: 11
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 11598 kB
Size: 14810 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://readynowgo.co/ HTTP 302
    https://shopping.oneforyou.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shopping.oneforyou.co/
Redirect Chain
  • https://readynowgo.co/
  • https://shopping.oneforyou.co/
2 KB
805 B
Document
General
Full URL
https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.216.64.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-64-231.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
7df596d30a34f6e8d5e7d89c8726053567e66000d07a6ee5fb9cbecbb3710088

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 11 May 2024 09:13:52 GMT
etag
W/"637cc3c5-6ef"
last-modified
Tue, 22 Nov 2022 12:42:45 GMT
server
nginx/1.16.1

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
88210e2ffe359702-AMS
content-type
text/html; charset=UTF-8
date
Sat, 11 May 2024 09:13:51 GMT
expires
Mon, 13 May 2024 09:13:51 GMT
location
https://shopping.oneforyou.co/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI DSP COR ADM DEV COM NAV OUR STP"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfwmUpDLxA5nQL1L9HAt0PNNMqxWvikm423HDMDCaVDxlTqysVRj6ppyTCfznYRgiYjvHj9EUj90FfOklxhks9une1mL78DtJ7LRGFEP1OY9i%2BdZDXPmxJ0GRtDyAAuTqXz%2BMr99pBiDeUpJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
index.css
spread.name/css/
425 KB
53 KB
Stylesheet
General
Full URL
https://spread.name/css/index.css?_hash=9f14e879
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70cdcf4d89783a8f98b4eba8dc03f25d834b1f2c2d1e54a8ce884ab1c4561604

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:53 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"8ebf889adfd6ef945b97da583b33a858"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
VJAMl_OJaJnFOv4i7OpGzGJ1JZtBERdZkSyYIIyC2HkdmonnoRlkFw==
index.js
spread.name/js/
2 MB
512 KB
Script
General
Full URL
https://spread.name/js/index.js?_hash=484ecb0d
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f264bd9429ca7ab5212682f38c31f30f359b79e85672c5276817c741e43705db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"e45d914c78cd9a70138291c41d52ecef"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
tLH6thnqNoUQHpum4LlMtTc9os3VssqFpjsypjpZzT7kABkdH3Mk9Q==
page-checkout.js
spread.name/js/
0
2 KB
Other
General
Full URL
https://spread.name/js/page-checkout.js?_hash=8fd6d729
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:53 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"7cc57d093942a3d30a7636ab80c4c98e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
TxSM7Fo0jURvU4fvOzVJkzaWEFS_f-0w-ZpiqvxqOLMtR2TefA6uuw==
page-spread-view.js
spread.name/js/
0
27 KB
Other
General
Full URL
https://spread.name/js/page-spread-view.js?_hash=3f5632bd
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"f91aa19897ef21dca9fe0841c6bc9a60"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
6RM4rfb-b4fhu9C6wxkQp5TAjIRGY9PTXprzBcFuPUM2Ok2DLjgr8Q==
page-view.js
spread.name/js/
0
2 KB
Other
General
Full URL
https://spread.name/js/page-view.js?_hash=3addb134
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:53 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"1b37a06f5a1bc8702e60997364b426dd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
2YfoUAKO301G_qs_yC86Qxuf9g4raqDbFS-dRIzbJkCyTI1yyqFfzQ==
vendors~page-spread-view.js
spread.name/js/
0
14 KB
Other
General
Full URL
https://spread.name/js/vendors~page-spread-view.js?_hash=6924f7e0
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:53 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"fd849e4be28f1eb5690aa6fb113977d9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
QMN3up0-l0w7kAeVZPEMNWXIq9x0pNB38CMHbJkNU10zZU5quYloKw==
shopping.oneforyou.co
api.spreadsimple.com/spread-view/public/omit-routes/
13 KB
5 KB
XHR
General
Full URL
https://api.spreadsimple.com/spread-view/public/omit-routes/shopping.oneforyou.co
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.137.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-137-48.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e9e7c8eb60cee60ffb17714a57dc80fe0d06559de89a6db83f3055335c8d02e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-authenticated
false
date
Sat, 11 May 2024 09:13:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-website-access
Unauthorized: Access token is not valid
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
nginx/1.22.1
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shopping.oneforyou.co
access-control-expose-headers
x-authenticated
access-control-allow-credentials
true
favicon.ico
spread.name/
318 B
679 B
Other
General
Full URL
https://spread.name/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
467f3d85cdf7bf5b57cb7eb270fd99c628bdc8d688b2132cc203229e311eb609

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2588
etag
"11fb4799192313dd5474a343d9cc0a17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
max-age=31536000
content-length
318
x-amz-cf-id
D0jHni2-DsSpD4yrRuw8ZC86MzySOYl8EDK4Y_EyXkeEdVz0zttanA==
/
spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN/scheme/
2 KB
1 KB
XHR
General
Full URL
https://spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN/scheme/?query=e30%3D&options=eyJpc1BybyI6dHJ1ZSwic2VhcmNoIjp7ImVuYWJsZWQiOnRydWUsImNvbHVtbnMiOlsiU0tVLSIsIk5hbWUtIiwiU29sZGJ5LSIsIkRlbGl2ZXJ5YnktIiwiSGF2ZWNvZGVzLSIsIlN0b3JhZ2UtIiwiVHlwZXMtIiwiVHlwZVNXLSIsIlN0YWNrZWRjb2Rlcy0iLCJDYXRlZ29yeS0iLCJSZWd1bGFycHJpY2UtIiwiRGlzY291bnQtIiwiUHJpY2UkLSIsIlF1YW50aXR5LSIsIkJlc3RzZWxsZXItIiwiRmV3cHJvZHVjdHMtIiwiRGVzY3JpcHRpb24tIiwiRnVsbGRlc2NyaXB0aW9uLSIsIkltYWdlLSJdfSwic29ydGluZyI6eyJlbmFibGVkIjp0cnVlLCJzaHVmZmxlIjp0cnVlfSwidmFyaWFudHMiOnsiZW5hYmxlZCI6dHJ1ZSwiZ3JvdXBDYXJkcyI6dHJ1ZSwiaWQiOiJUeXBlU1ctIiwib3B0aW9ucyI6eyJpZHMiOlsiU3RhY2tlZGNvZGVzLSIsIlN0b3JhZ2UtIiwiVHlwZXMtIiwiU29sZGJ5LSIsIkRlbGl2ZXJ5YnktIl0sInNob3dWYXJpYW50c09wdGlvbnNJbkNhcmRzIjpmYWxzZX19LCJwYWdpbmF0aW9uIjp7ImVuYWJsZWQiOnRydWUsIml0ZW1zUGVyUGFnZSI6IjEwMCJ9LCJmaWx0ZXJzIjp7ImVuYWJsZWQiOnRydWUsInZhbHVlcyI6W3siaWQiOiJDYXRlZ29yeS0iLCJ0eXBlIjoibXVsdGlwbGUifSx7ImlkIjoiU3RhY2tlZGNvZGVzLSIsInR5cGUiOiJtdWx0aXBsZSJ9LHsiaWQiOiJQcmljZSQtIiwidHlwZSI6Im11bHRpcGxlIn1dfSwibWFwVmlldyI6eyJlbmFibGVkIjpmYWxzZSwiaWQiOm51bGwsIm1hcmtlclR5cGUiOiJwaW4iLCJpbWFnZUNvbElkIjoiIn19
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
/
Resource Hash
900f8eaedae9172212407918d88ac4890583377b71979d1d8c911e2a08cc887c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront), 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
FRA56-P6, MUC50-P1
x-amzn-requestid
ad318107-591a-4a36-bf01-9ee4f854018b
x-amzn-trace-id
Root=1-663f36d2-2a15c5e10826e038723a44fe;Parent=2966143041045299;Sampled=0;lineage=c0c6ecc8:0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-apigw-id
XmWA9GsnIAMEqqg=
x-amz-cf-id
CIguBmP07ovV9ihRJcB99H6dW6A-MBNt7Dwe6Y-Ax7U7at_3QSj0Ag==
DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN
api.spreadsimple.com/sheet/
0
288 B
XHR
General
Full URL
https://api.spreadsimple.com/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN?options=eyJlbmFibGVTaW5nbGVJdGVtVmlldyI6dHJ1ZSwic2luZ2xlSXRlbU9wdGlvbnMiOnsidXJsIjp7ImlkIjoiTmFtZS0ifX19
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.137.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-137-48.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
server
nginx/1.22.1
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
access-control-allow-origin
https://shopping.oneforyou.co
x-dns-prefetch-control
off
access-control-allow-credentials
true
x-xss-protection
1; mode=block
vendors~page-checkout~page-details-view-noprefetch~page-spread-view.js
spread.name/js/
20 KB
8 KB
Script
General
Full URL
https://spread.name/js/vendors~page-checkout~page-details-view-noprefetch~page-spread-view.js?_hash=481a8d1f
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12697a7076965af46b63f9487e36b8354e77024898a83ce41b91e84218247788

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 08:30:46 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2588
etag
W/"fa10e98b6544b971c53d87038aa2ea65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
mZEePYlgAjeW5-3K-BVosm-GPzSy-rggeFa7ARn732zPx-nxTZu5-A==
vendors~page-details-view-noprefetch~page-spread-view.css
spread.name/css/
22 KB
8 KB
Stylesheet
General
Full URL
https://spread.name/css/vendors~page-details-view-noprefetch~page-spread-view.css?_hash=2e336599
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac0951c3e375c232293cdf09efe512a612e5b747f4bfa294d47a5eac809f23b5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 08:30:46 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:44 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2589
etag
W/"b1a64c9815db6c06bfaf234af7c4731c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
CSoio80WWG89PFPoQ17SeWRuIq-YIhSsw-VYVC25GXsMwZMECkZxzw==
vendors~page-details-view-noprefetch~page-spread-view.js
spread.name/js/
201 KB
59 KB
Script
General
Full URL
https://spread.name/js/vendors~page-details-view-noprefetch~page-spread-view.js?_hash=89c0d52e
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d147a1c5b475ead166ee32d7b260b64e3fcac99a6c5ea623b1c7b741e4e90dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 08:30:47 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2588
etag
W/"30e9036b4b0e176fb693561296d4c835"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
djueM2JdQrcG49vfj-UB1Nrg3KnMQ-mvybFzCWNQ2UMRHqssHAYh2A==
vendors~page-spread-view.js
spread.name/js/
44 KB
14 KB
Script
General
Full URL
https://spread.name/js/vendors~page-spread-view.js?_hash=97b0ded7
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a69f9c759d17283f76e934c647e05f7cf79088e65222b51af94055b46ef1fe9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2590
etag
W/"fd849e4be28f1eb5690aa6fb113977d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
NV7hMvcfR71MaHWR6XI405VRLwbqYBt4739npHkkXHvJgno1qw_l4w==
page-checkout~page-details-view-noprefetch~page-spread-view.js
spread.name/js/
68 KB
16 KB
Script
General
Full URL
https://spread.name/js/page-checkout~page-details-view-noprefetch~page-spread-view.js?_hash=9c3d160b
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3550c9746bf5d44f50b5d66cd24ed7b96a90bc5282ca8fbaf2b5ba0d55865b7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"21235f07d7256c311519a6b12a9758dd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
ROG2fidS9psDUH47L2q7qRBB-Ya0rIO7Ta74RFmcsWjy801IheHlUA==
page-spread-view.js
spread.name/js/
111 KB
27 KB
Script
General
Full URL
https://spread.name/js/page-spread-view.js?_hash=337d4801
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6216956b972cd4f4027295c5a23a5d1ecd118d71a4c79aaf26d6ce681c5e7af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2590
etag
W/"f91aa19897ef21dca9fe0841c6bc9a60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
guGlQ6Ru6myWW3zuKEWtefQF7InD1hTcyFe9Hd3FU6ZGwepg-eGM9A==
scripts
private.funnelll.com/scriptserver/
0
0

service-loader.js
youengage.me/
241 B
423 B
Script
General
Full URL
https://youengage.me/service-loader.js
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.184.123 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.184.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1aba8adbc8676f9cc1299a182956f284bd4d0f9ccf29de0866852fe7f346c7e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
via
1.1 google
last-modified
Sun, 21 Apr 2024 20:59:14 GMT
server
Google Frontend
content-type
application/javascript
x-cloud-trace-context
574a0c4cbbefa620120f989a31e0427a
accept-ranges
bytes
alt-svc
clear
content-length
241
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shopping.oneforyou.co
URL: https://shopping.oneforyou.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 11 May 2024 09:13:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=12, mss=1294, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
HiFhQ9TQ1iwff3fQ/5bPd0M+hf8YAcbKAwVIiaKVFEDKFIzynBIxdsdtQSQ2B5Pk4m1HI8/RFCHDIRENN7PGMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
js.stripe.com/v3/
604 KB
148 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.9.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-9-61.cdg53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
104e1dd42b1a93041add9e8f020e9b05405d14ac722ef40a104617435f10bc6d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
content-encoding
br
via
1.1 ae1b2f64d909bc787f8b2cb1e91446cc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
6
x-amz-cf-pop
CDG53-C1
x-cache
Hit from cloudfront
last-modified
Fri, 10 May 2024 21:45:09 GMT
server
Cloudfront
etag
W/"fdfa847c5bfd3c26d57f421bc9809b3e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
zatJTSZEzW69pirTdNEXepqh8Iq-Upf6M3FBt1TBEqWWs4_nNeRa2w==
bd7620b1-f2f9-44db-ae1c-fd10f5075e75_Logo_transp..png
s3.us-east-2.amazonaws.com/uploads.spreadsimple/
88 KB
88 KB
Image
General
Full URL
https://s3.us-east-2.amazonaws.com/uploads.spreadsimple/bd7620b1-f2f9-44db-ae1c-fd10f5075e75_Logo_transp..png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.12.66.9 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
fa4f719b9076356e9d73b50bebecebd52c159ab2ef9cd8b1519f84f872e3341f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 11 May 2024 09:13:56 GMT
Last-Modified
Fri, 26 Nov 2021 10:58:40 GMT
Server
AmazonS3
x-amz-request-id
29JB31XSW8BWVZQJ
ETag
"b3d2c0fa25dc95fcadbfbf8638fe8b22"
Content-Type
image/png
Cache-Control
public, max-age=15552000
Accept-Ranges
bytes
Content-Length
90209
x-amz-id-2
nlOOdGNyEp3eojWqEGOYJ+Wwhh92etshwknM+MHBzApgIETal214kh0mWqvMAsCjl5KCtYjV4pk=
e573cdee-4c89-4134-b2d3-273902f855cb_Imagem_pagamento_5.png
s3.us-east-2.amazonaws.com/uploads.spreadsimple/
38 KB
39 KB
Image
General
Full URL
https://s3.us-east-2.amazonaws.com/uploads.spreadsimple/e573cdee-4c89-4134-b2d3-273902f855cb_Imagem_pagamento_5.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.12.66.9 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6aaf9da0a16e9700f2d2f2607a484449f2d595a4957d9323ac5e83e4f14116c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 11 May 2024 09:13:56 GMT
Last-Modified
Fri, 26 Nov 2021 10:59:03 GMT
Server
AmazonS3
x-amz-request-id
29J9XHS9CRVWBX0N
ETag
"8390e8df4703aa530dc82471b39399b0"
Content-Type
image/png
Cache-Control
public, max-age=15552000
Accept-Ranges
bytes
Content-Length
39051
x-amz-id-2
aSQ+DXyBuH6wvLnt7bbfNz+KZzpakRD7yVBQ/H74mayOUGNItjS2xinJxgmm/6vMZC6RCh3maJs=
AvenirNextCyr-Medium.ttf
spread.name/fonts/
87 KB
87 KB
Font
General
Full URL
https://spread.name/fonts/AvenirNextCyr-Medium.ttf
Requested by
Host: spread.name
URL: https://spread.name/css/index.css?_hash=9f14e879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f33fefdb7e000918da9fa760f7766341ce64b435374db2afe54ed6f2df80d276

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spread.name/css/index.css?_hash=9f14e879
Origin
https://shopping.oneforyou.co
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
via
1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"862c7c4267856b43beabe738a13c281e"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
88936
x-amz-cf-id
VZ-Vx0xxj5tNDoCXf38Lu6BnsqEMHwsTx_qfl8V6BKP6-HjwuH4gZg==
AvenirNextCyr-Demi.ttf
spread.name/fonts/
87 KB
87 KB
Font
General
Full URL
https://spread.name/fonts/AvenirNextCyr-Demi.ttf
Requested by
Host: spread.name
URL: https://spread.name/css/index.css?_hash=9f14e879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dda88f9fe9b926149c3c953e87f27676d2e33873df69d2654a80a9f630a2e69

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spread.name/css/index.css?_hash=9f14e879
Origin
https://shopping.oneforyou.co
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
via
1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"104be5f79e3ef6239d62bd897fde8d91"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
88732
x-amz-cf-id
fG5fXa8LsEj3n6hIyD24SUHVpLlgGh9AkX4yxU_4YxYX_xUxlWqpiA==
AvenirNextCyr-Bold.ttf
spread.name/fonts/
86 KB
87 KB
Font
General
Full URL
https://spread.name/fonts/AvenirNextCyr-Bold.ttf
Requested by
Host: spread.name
URL: https://spread.name/css/index.css?_hash=9f14e879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5482b3d9d687d674a5262ed3b20699a057b9e227f7e4c471d1a00189b8ff74

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spread.name/css/index.css?_hash=9f14e879
Origin
https://shopping.oneforyou.co
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
via
1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"cb5f2e91d0edea79307ffa674c219a1d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
88540
x-amz-cf-id
0YQdfVL6EQuVQ8XtXLsEcYWti3o4KSmiyIrBlpczRfkUaCNYyAv9iw==
aa44ede8-041d-4994-9979-9e2e23286b9d_logo%20para%20facebook.png
s3.us-east-2.amazonaws.com/uploads.spreadsimple/
7 KB
7 KB
Other
General
Full URL
https://s3.us-east-2.amazonaws.com/uploads.spreadsimple/aa44ede8-041d-4994-9979-9e2e23286b9d_logo%20para%20facebook.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.12.66.9 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
2519c95490973cb3a674fd7f12bf6bc667eb62b5e40948316caf50bc5c86fbdc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 11 May 2024 09:13:56 GMT
Last-Modified
Fri, 26 Nov 2021 10:58:29 GMT
Server
AmazonS3
x-amz-request-id
29J9G9BECVN4SPKB
ETag
"ae0cc5a0271762d58618b6c963d887b0"
Content-Type
image/png
Cache-Control
public, max-age=15552000
Accept-Ranges
bytes
Content-Length
7007
x-amz-id-2
+idUE7zte5DyTCwZVGLK0+YlpLig2+6AGcMm8mxkkvuHpKmXfsqfayHFWGDx68/CKvuXjwzG2Cc=
track.js
stats.spreadsimple.com/
32 KB
32 KB
Script
General
Full URL
https://stats.spreadsimple.com/track.js
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.137.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-137-48.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
0e09291de20c414b7c880d6f93086ee898c273f66b8dfdaf0d467163d86317c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:55 GMT
last-modified
Mon, 16 Jan 2023 11:19:20 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"63c532b8-8006"
content-length
32774
content-type
application/javascript
embed.js
youengage.me/
141 KB
142 KB
Script
General
Full URL
https://youengage.me/embed.js
Requested by
Host: youengage.me
URL: https://youengage.me/service-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.184.123 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.184.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
793c110c0182307e1fc8de64945f9e5e96626ad1eee7df977d4e8af1cf3fd736

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:54 GMT
via
1.1 google
last-modified
Sun, 21 Apr 2024 20:59:14 GMT
server
Google Frontend
content-type
application/javascript
x-cloud-trace-context
0ac02a9755e92eed5114df45bd25f17a
accept-ranges
bytes
alt-svc
clear
content-length
144651
829710047788256
connect.facebook.net/signals/config/
66 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/829710047788256?v=2.9.156&r=stable&domain=shopping.oneforyou.co&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c569ff006ab6a5deffb2b22aa1c3b9f741faccbc3d75635c79e3c9463c465ec4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 11 May 2024 09:13:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=54, mss=1294, tbw=63305, tp=-1, tpl=-1, uplat=328, ullat=0
pragma
public
x-fb-debug
DXtTtnGODPkhhsxzv8UI18xIl6zTBZN3myW++nf7NX+crw7SjN0TNK698pc1guJH2+YlvwL9gM7N9KtL2yEi1Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 190F
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.9.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-9-107.cdg53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://shopping.oneforyou.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1792
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 11 May 2024 08:44:03 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 09 May 2024 21:02:20 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 a64d90720955c3d3de37aa0526d1a7a4.cloudfront.net (CloudFront)
x-amz-cf-id
GHZoojrbEnG_1RjoAwWhUijxicNHMggHJjcRhjP_HCmnKVB7mdRc_w==
x-amz-cf-pop
CDG53-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
stats.spreadsimple.com/api/ Frame
0
0
Preflight
General
Full URL
https://stats.spreadsimple.com/api/collect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.137.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-137-48.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://shopping.oneforyou.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://shopping.oneforyou.co
date
Sat, 11 May 2024 09:13:55 GMT
server
nginx/1.22.1
vary
Origin
collect
stats.spreadsimple.com/api/
0
0
Fetch
General
Full URL
https://stats.spreadsimple.com/api/collect
Requested by
Host: stats.spreadsimple.com
URL: https://stats.spreadsimple.com/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.137.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-137-48.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 11 May 2024 09:13:55 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
server
nginx/1.22.1
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
vary
Origin
x-dns-prefetch-control
off
x-download-options
noopen
access-control-allow-origin
https://shopping.oneforyou.co
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-xss-protection
0
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=829710047788256&ev=PageView&dl=https%3A%2F%2Fshopping.oneforyou.co%2F&rl=&if=false&ts=1715418835382&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715418835381.1042277118&cs_est=true&ler=empty&cdl=API_unavailable&it=1715418834996&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 11 May 2024 09:13:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
external-checkout-action-noprefetch.js
spread.name/js/
14 KB
3 KB
Script
General
Full URL
https://spread.name/js/external-checkout-action-noprefetch.js?_hash=5a5b2944
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61cf2a6f18269e25ce1d4d68b1d2c6831a8efdb1816c03960b7bccd213fa2087

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:57 GMT
content-encoding
br
via
1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
W/"abe1d6a213989ef4848b77d358b21ce3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
oLuftz1DWQILGkZeaJwT1cFPO7jrsGl_044UlOhEHh1vM_q7MAk20g==
c05ebb75-02a8-4a55-ae70-c476ca8d03f5_videogifdocortado.gif
s3.us-east-2.amazonaws.com/uploads.spreadsimple/
9 MB
9 MB
Image
General
Full URL
https://s3.us-east-2.amazonaws.com/uploads.spreadsimple/c05ebb75-02a8-4a55-ae70-c476ca8d03f5_videogifdocortado.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.12.66.9 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4c2714b8e6554eede27cd2c010f1008ecceb21fbe0c9fc353343071c60562fa1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 11 May 2024 09:13:56 GMT
Last-Modified
Fri, 26 Nov 2021 10:58:41 GMT
Server
AmazonS3
x-amz-request-id
29J1S86J931MPEJN
ETag
"74837bb7b2aa3c97da5b726f5d424e0d"
Content-Type
image/gif
Cache-Control
public, max-age=15552000
Accept-Ranges
bytes
Content-Length
9828135
x-amz-id-2
kRFMCNX4sNKMBplnnphYcLBlM0cQ9cvUGVZPqortxlaw50BaZuAq9VHsXVm1P2wys09Mw1SDXAA=
icomoon.ttf
spread.name/fonts/
27 KB
27 KB
Font
General
Full URL
https://spread.name/fonts/icomoon.ttf
Requested by
Host: spread.name
URL: https://spread.name/css/index.css?_hash=9f14e879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c37d50ecda0357ec6991687a78c0f32ce0ae7f26d6ef849fd1a5a19cb234abf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spread.name/css/index.css?_hash=9f14e879
Origin
https://shopping.oneforyou.co
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:57 GMT
via
1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"d81841afe225d8d872a0a64ec37bd127"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
27276
x-amz-cf-id
w3KyTkaWS_DLcLO7wvBEneOvRFLQsloXfizGGRPSxljoMF-NszkR-Q==
AvenirNextCyr-Regular.ttf
spread.name/fonts/
87 KB
88 KB
Font
General
Full URL
https://spread.name/fonts/AvenirNextCyr-Regular.ttf
Requested by
Host: spread.name
URL: https://spread.name/css/index.css?_hash=9f14e879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f6e65cf063a3c39bd7cb6261299b5160230072fdbb064bd531a9c7767229d53

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spread.name/css/index.css?_hash=9f14e879
Origin
https://shopping.oneforyou.co
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:57 GMT
via
1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 09:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"97b615b907fd3510f9129eac4a731f6f"
access-control-max-age
3000
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
89020
x-amz-cf-id
Pci_3jgvVzKBVmfUD494Ox460jrWM041NWxZw421zcIIJe38N8lPqA==
/
spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN/filters/
5 KB
1 KB
XHR
General
Full URL
https://spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN/filters/?query=e30%3D&options=eyJpc1BybyI6dHJ1ZSwic2VhcmNoIjp7ImVuYWJsZWQiOnRydWUsImNvbHVtbnMiOlsiU0tVLSIsIk5hbWUtIiwiU29sZGJ5LSIsIkRlbGl2ZXJ5YnktIiwiSGF2ZWNvZGVzLSIsIlN0b3JhZ2UtIiwiVHlwZXMtIiwiVHlwZVNXLSIsIlN0YWNrZWRjb2Rlcy0iLCJDYXRlZ29yeS0iLCJSZWd1bGFycHJpY2UtIiwiRGlzY291bnQtIiwiUHJpY2UkLSIsIlF1YW50aXR5LSIsIkJlc3RzZWxsZXItIiwiRmV3cHJvZHVjdHMtIiwiRGVzY3JpcHRpb24tIiwiRnVsbGRlc2NyaXB0aW9uLSIsIkltYWdlLSJdfSwic29ydGluZyI6eyJlbmFibGVkIjp0cnVlLCJzaHVmZmxlIjp0cnVlfSwidmFyaWFudHMiOnsiZW5hYmxlZCI6dHJ1ZSwiZ3JvdXBDYXJkcyI6dHJ1ZSwiaWQiOiJUeXBlU1ctIiwib3B0aW9ucyI6eyJpZHMiOlsiU3RhY2tlZGNvZGVzLSIsIlN0b3JhZ2UtIiwiVHlwZXMtIiwiU29sZGJ5LSIsIkRlbGl2ZXJ5YnktIl0sInNob3dWYXJpYW50c09wdGlvbnNJbkNhcmRzIjpmYWxzZX19LCJwYWdpbmF0aW9uIjp7ImVuYWJsZWQiOnRydWUsIml0ZW1zUGVyUGFnZSI6IjEwMCJ9LCJmaWx0ZXJzIjp7ImVuYWJsZWQiOnRydWUsInZhbHVlcyI6W3siaWQiOiJDYXRlZ29yeS0iLCJ0eXBlIjoibXVsdGlwbGUifSx7ImlkIjoiU3RhY2tlZGNvZGVzLSIsInR5cGUiOiJtdWx0aXBsZSJ9LHsiaWQiOiJQcmljZSQtIiwidHlwZSI6Im11bHRpcGxlIn1dfSwibWFwVmlldyI6eyJlbmFibGVkIjpmYWxzZSwiaWQiOm51bGwsIm1hcmtlclR5cGUiOiJwaW4iLCJpbWFnZUNvbElkIjoiIn19
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
/
Resource Hash
0afce76c1d7a06860fa3a26ec07bdaa24af7cad986a78378559aa4a1b2115b13

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:55 GMT
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront), 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
FRA56-P6, MUC50-P1
x-amzn-requestid
c220d6ea-7da5-49f0-b060-550328078b27
x-amzn-trace-id
Root=1-663f36d3-395dba4f26c1fc627191a995;Parent=5b2fe8ae0dc8b4ff;Sampled=0;lineage=c0c6ecc8:0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-apigw-id
XmWBHHMtoAMEgTg=
x-amz-cf-id
z1h2zTGsRiypB5-uowaO73hT8KSc1XKcX-oqyqY5mXjMtE73h-Sqkw==
DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN
spread.name/sheet/
329 KB
33 KB
XHR
General
Full URL
https://spread.name/sheet/DtgkVTj21WCgCnrRpjbWF4t6aRxB2y1tzXcy_yknnIxZENuCDl5qsSH1JV6UmvPQnjiN?query=eyJwYWdpbmF0ZSI6eyJjdXJyZW50UGFnZSI6MX0sInNvcnRCeSI6eyJpZCI6IklOREVYIiwiZGlyZWN0aW9uIjoiYXNjIn19&options=…
Requested by
Host: spread.name
URL: https://spread.name/js/index.js?_hash=484ecb0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
/
Resource Hash
0e3462d939c32ae7235051dfdaeb80eae00dbb14ce002d762eb7cde1fecc18cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:55 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront), 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
FRA56-P6, MUC50-P1
x-amzn-requestid
ddd9222f-6c1c-4e44-bc72-79184fce8778
x-amzn-trace-id
Root=1-663f36d3-0e5e310801e4c4fc6826a0d6;Parent=32bd014abfddbf8a;Sampled=0;lineage=c0c6ecc8:0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-apigw-id
XmWBIE9HIAMEo3A=
x-amz-cf-id
jTHFvAUkzYFt72iMpW3i0er4lA0tKcqERBj8Fhc3_XNoX49USOx_iQ==
8Lpp4bZj.jpg
imagevideo.showthis.work/file/
76 KB
76 KB
Image
General
Full URL
https://imagevideo.showthis.work/file/8Lpp4bZj.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f2aee605a064d93af8814fe867674c22e2b2686cc05a49fd96e958f32cac7a4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 12 Mar 2021 22:04:34 +0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkPJlD4Jx7pndrk6eSZYwcQ%2BCBb35UUeMFcHZwDxP4fLaKAAxlx9uuqSQG2OtMu%2F6h23atWTGUe86fehclfEdMkg1wpmMF4Q5lC4A8IvxXsYH89BRWLUseJIPsgLtsP3RAsB3xZORzTCdtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-transfer-encoding
binary
cf-ray
88210e50bcb09f5a-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 11 May 2025 09:13:56 +0000
mR25ju19.jpg
imagevideo.showthis.work/file/
35 KB
35 KB
Image
General
Full URL
https://imagevideo.showthis.work/file/mR25ju19.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c3f0f41f7acd5a80b658927ef160c2a7d3f996d0a8da046cb451ad417f8a15

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 12 Mar 2021 22:04:46 +0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xl9EIFWSZq4FR8LFC%2FRXRO%2B4il6gcrnPOjA0%2BgjKiCy%2BI558x0%2B4psMBh%2Flc8csuwjVrfH0KhOu7PgZwh%2FpSNvkUGIMixlBSDMX3nfNW%2FR%2BxuavIe1NJueM1xzsaMG3Mhbjyk%2F%2BuOSoxdEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-transfer-encoding
binary
cf-ray
88210e50bcae9f5a-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 11 May 2025 09:13:56 +0000
7atGqX8G.jpg
imagevideo.showthis.work/file/
27 KB
27 KB
Image
General
Full URL
https://imagevideo.showthis.work/file/7atGqX8G.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1f084f52241e7d4262acfaa14c15329669d2af52991d1e4b7407d4ec55db92

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 12 Mar 2021 22:04:45 +0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BIEcWRR5we1TFvsP%2Bfp%2Bcihq0Ghqa6IFyQlz52fCreOWXDPhsvA5kZM9Js048aoayF0xU%2FjtQXcEOmi%2BPFSsFALH2alp67fgmQgXNpiu4r0lm7NCkiffKwfzoyWuIYLMSDkKYS0UOsnQyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-transfer-encoding
binary
cf-ray
88210e50bca69f5a-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 11 May 2025 09:13:56 +0000
tjyHy7M9.jpg
imagevideo.showthis.work/file/
167 KB
168 KB
Image
General
Full URL
https://imagevideo.showthis.work/file/tjyHy7M9.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6043cdc59422e5f912eebcc1a76a84f8f3e1358aa0095103e6530505d0a4923d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://shopping.oneforyou.co/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 09:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 12 Mar 2021 22:04:37 +0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmW8nvot4erPEFA1I4Q7ZFUlpr9g5jMRuFpApWF3w4vtmThVdWf6KFFvJY8rZ13SNfeJD1IvhMYLd%2BdFrX%2BoD3uVa9WB0F7VkJ%2BuvoZqW3jiICGLYYvMPsOoKFHm6d0eGgycQqcl1JyDFnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-transfer-encoding
binary
cf-ray
88210e50bcab9f5a-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 11 May 2025 09:13:56 +0000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
private.funnelll.com
URL
https://private.funnelll.com/scriptserver/scripts?id=2855eb8a-0290-4e24-a5f4-1b80db41e288

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| prerenderReady
object| webpackJsonp
object| __core-js_shared__
object| core
object| regeneratorRuntime
function| filterCSS
function| filterXSS
function| fbq
function| _fbq
function| ssPopup
object| fs
object| webpackChunkStripeJSouter
function| noop
function| Stripe
object| __global__
object| L
string| template

4 Cookies

Domain/Path Name / Value
.oneforyou.co/ Name: _fbp
Value: fb.1.1715418835381.1042277118
m.stripe.com/ Name: m
Value: df88e485-f81c-45c0-8e87-9eac7b25b62875d864
.shopping.oneforyou.co/ Name: __stripe_mid
Value: 8318c01f-18f0-49c3-9fc6-0f85f880d934d7a993
.shopping.oneforyou.co/ Name: __stripe_sid
Value: c37b2ec8-9180-4331-885e-ec39b6759c8e4c2d40

3 Console Messages

Source Level URL
Text
network error URL: https://private.funnelll.com/scriptserver/scripts?id=2855eb8a-0290-4e24-a5f4-1b80db41e288
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://connect.facebook.net/signals/config/829710047788256?v=2.9.156&r=stable&domain=shopping.oneforyou.co&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://shopping.oneforyou.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
