Domain shopeab.com
United States
Software information
Apache
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-11-14 07:41
Last seen 2026-01-02 18:57
Open for 49 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37dd2db492eb743ebbd7f0c0cdef2a19a5e28dcdaGraphQL introspection enabled at /graphql Types: 55 (by kind: ENUM: 10, INPUT_OBJECT: 6, OBJECT: 33, SCALAR: 6) Operations: - Query: Query | fields: me, product, products, shopInfo, shoppingCart - Mutation: Mutation | fields: addToCart, loginWeb, removeFromCart, removeFromWaitlist, updateCartQuantity Directives: deprecated, include, skip (total: 3)
Found on 2026-01-02 18:5779.6 kBytes
-
-
Open service 151.101.130.132:443 · shopeab.com
2026-01-09 14:30
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Server: Apache Cache-Control: no-cache, private Content-Security-Policy-Report-Only: default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob: android-webview-video-poster:; font-src * data:; connect-src * blob:; media-src * blob:; frame-src * blob: navigate:; worker-src 'self' blob:; frame-ancestors *; form-action 'self' www.facebook.com tr.snapchat.com pos.commentsold.com; object-src 'none'; manifest-src *; child-src 'self' blob:; report-uri https://o43862.ingest.sentry.io/api/239693/security/?sentry_key=deb2fc6b7d104f7ea6241356c26c14d0 x-robots-tag: all X-Request-Id: a9cc27a2-98db-4866-9cfd-daeae1b6b3f0 Set-Cookie: laravel_session=eyJpdiI6IjV3a1lsMXdKQjhSdzlsalBEYmNETVE9PSIsInZhbHVlIjoiWmovUFpsaGJwb0Z2VDJxa1Z6dExNLzVHMDJyOXU3MERhYTMxM3RIeXk2ZGg3WXVoakZhckwzUzEvck1kS3hWd3AyeHdWYnYxMlBGcVFFVWRBMGhpZ0VPT2RQajRrbWNFOEUyWmlGdGZJeXBOZ1lvZHo4dWFZSkFCUnVuQzhmalciLCJtYWMiOiI3Nzk5MzYyOTAyYWE3NjU0MWVmMDY2MjA0MjZiODY0MTcwYjQ0ODVkMjcyZjc0ZDI3ZTJlYzE1NjgzMTQwODQ3IiwidGFnIjoiIn0%3D; expires=Tue, 10 Mar 2026 14:30:13 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Set-Cookie: JGLVtteP8vmsumVhexmBIOKXvWZEKdDvwCNpTH1m=eyJpdiI6IndIWjJuQWEzQ3NXS3dhL3h6Z2U0Z0E9PSIsInZhbHVlIjoiUUVPbDNrOXA3ZktqNU9HZHNnbSthM0dsMWdXNDUxanhxMVpFNFpTYThGUmk4MjNNQkkzOUFpbm9NdVMwUG16U0JMYytvRERmZHg4VkJKZUdkeWhLL1ZyWjl3RFljdDdkS0JhMDlraGpPMFFBVWVRbndKTWhDbHRMb1grcHkyTGxFVlFJVjZSUjIzTk5Xb2xqL0kyN0VrM3NhZG5rY3I4S3ZJekYrRHdTTmE0VjZocXM4Mndiajh6TXFETkdHNDZlazBJeXR2MS81dUJmdHhCbzhBcS90NG5nZGZlTXF3aUcxY3NIeTZDWTFobEp4QmVQLzJyQ1ppbzhEb29kYUFxbTVrb05RQXVaRVNCYnRENjlXMjRQYVJaRGVPclZPbWxlWCsycDVBQTJPdkR2RGVmUUxkMnM0T1pLL2Q1SEYrSVV1V0lyaDNtdGZFS01TVUhxT3lGdG1nWlFUZWk4N1R4Z3Z6THpuR1QzRkZIbDIxNXY5VTZjWkdxVTZRY0d3MzJKQ0VJVWV1STNlYTVRSEk0bWwrQW1HZVpKQVY4dlozTGVrdENDSXl6R3h0bStDbUZrWjArcnV5QU92UnZMQ3U4V0NnK1ozZmxIejNia2tVT1NsNE1OTzR3RTVJVURaakJOWUFUUVJmc09VcUk9IiwibWFjIjoiMTIwOWRmNjU5NTkyOTczNDM3Y2E5NzU4YzczYWE5MzkxOTU2YzAzMzJiN2YzOWM0NWM1NzY2NjM2MWMzY2UwMSIsInRhZyI6IiJ9; expires=Tue, 10 Mar 2026 14:30:13 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT Access-Control-Max-Age: 1000 Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Accept-Encoding Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish X-Cacheable: NO:Set-Cookie Date: Fri, 09 Jan 2026 14:30:13 GMT X-Served-By: cache-chi-klot8100051-CHI, cache-fra-eddf8230026-FRA X-Cache: MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S1767969014.587173,VS0,VE323 Vary: Accept-Encoding Strict-Transport-Security: max-age=900 transfer-encoding: chunked
Found 2026-01-09 by HttpPluginCreate report
-
Open service 151.101.130.132:443 · shopeab.com
2026-01-02 18:57
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Server: Apache Cache-Control: no-cache, private Content-Security-Policy-Report-Only: default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob: android-webview-video-poster:; font-src * data:; connect-src * blob:; media-src * blob:; frame-src * blob: navigate:; worker-src 'self' blob:; frame-ancestors *; form-action 'self' www.facebook.com tr.snapchat.com pos.commentsold.com; object-src 'none'; manifest-src *; child-src 'self' blob:; report-uri https://o43862.ingest.sentry.io/api/239693/security/?sentry_key=deb2fc6b7d104f7ea6241356c26c14d0 x-robots-tag: all X-Request-Id: 56f08bdd-598b-4f7d-af0d-40ca2d152d0f Set-Cookie: laravel_session=eyJpdiI6ImpSYXV2RmU1QlZ4YTN4ckRMN0tNbUE9PSIsInZhbHVlIjoiNFo4UkNoa3Bvd2hEN2ZiMTZ6MUpWQkRRT2I0YmhvWm53c3hoRDJnUFk2TzJMeE50RHVxVThKUEZRYzhla2c3d1hnRlZXVkcxZTZtdmxqVU5TdnM0VTZWOTI5dm1pZTFrSHprQVdiQ2JXTW5qbjRSMm1lM0xXZzByZ2FFMjYxUE8iLCJtYWMiOiJlM2VhYjY4OTI1NjMxZDk0YjIzZWRjY2IzNDgzYzU5OTU0OWZkZTk2OWIwOTBmZmZhNjgyNTUyYmI0OGFjOGVlIiwidGFnIjoiIn0%3D; expires=Tue, 03 Mar 2026 18:57:17 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Set-Cookie: zEkHjAgehulwfCupebF3HuYA8sPfMyhWlluVgiDj=eyJpdiI6Ik1UVk4xcTRmUU5vVVFXSjN2TVZqbWc9PSIsInZhbHVlIjoiSWg5dktjL204ZU9TOXBVT1Q2c0IyeDhzRzNJeXN1dUtRZEROaElOd2Rub2Q4MGkvRnVvZ0pLMkZFeTl2N0lad1ZPZHlKRkRIUFg0ODFXdnBDWWJxR3BId2t3VktBVFl0TWJVK2p3TTJnRDRoZ1o1YmVBSUZHMk9xR0F5OW1uVmJibklreHYvT2M2TC8ybHVqVDFzVG1SeDFySnkwOHZ2Z0VGUkErNW1TMTZEMDFpdGhrKzl5REJXUTE3a1hXMnNaNU5aZjNQYTJ1aS9BbkVOUTcva1U2NUpHWWVMUjZiTlM2UUlFZGhLOENBVFZRNEE5VVd3NWNSK0g4UzM5cnFMYVRaa0xibWFyeS9kS2ZYamRWWWdDOGthcUVqa3NEZDZSbW9kZENCTG11Y0RaNHN1ZnhXTURyaHF5c2RSUU9oSis2b05BNHI0ZlFKL0w5Ull5S1Zab0MrQnBsR2ZKak9WbzJQVHdxMHVBWW1XNHJPdHpqd1k1Vm5Ic2tyUTl6UEszSEk3aEh5bnZib2hTV01pTFR5a1M2UVY1ZWlVVzAvbmZ6cW5BTjBLNlN5bjhaeURpTjh0WTB5bWhsM2Ivb05sTWwxdk1objlzUng4cnNYM3JUa3orQkU2RXNBL0JlVlR1bFlDZ1k2UFd5dXM9IiwibWFjIjoiNjQyMDQxZjAzYTgzMTI5YzZmZGRmMjE0Mzc0ZjVmNjNlZjJkYjhhY2JiMjczNWZmOTllNDQyNmViNWE4YjUzNyIsInRhZyI6IiJ9; expires=Tue, 03 Mar 2026 18:57:17 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT Access-Control-Max-Age: 1000 Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Accept-Encoding Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish X-Cacheable: NO:Set-Cookie Date: Fri, 02 Jan 2026 18:57:17 GMT X-Served-By: cache-chi-kigq8000077-CHI, cache-rtm-ehrd2290035-RTM X-Cache: MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S1767380237.000669,VS0,VE390 Vary: Accept-Encoding Strict-Transport-Security: max-age=900 transfer-encoding: chunked
Found 2026-01-02 by HttpPluginCreate report
-
Open service 151.101.130.132:443 · shopeab.com
2025-12-23 08:14
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Server: Apache Cache-Control: no-cache, private Content-Security-Policy-Report-Only: default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob: android-webview-video-poster:; font-src * data:; connect-src * blob:; media-src * blob:; frame-src * blob: navigate:; worker-src 'self' blob:; frame-ancestors *; form-action 'self' www.facebook.com tr.snapchat.com pos.commentsold.com; object-src 'none'; manifest-src *; child-src 'self' blob:; report-uri https://o43862.ingest.sentry.io/api/239693/security/?sentry_key=deb2fc6b7d104f7ea6241356c26c14d0 x-robots-tag: all X-Request-Id: 7fce8c98-b3a5-43b0-b081-de351cc7a84d Set-Cookie: laravel_session=eyJpdiI6IlJaV1NVK2ZMQXJiVmk0c0tHa0dtaGc9PSIsInZhbHVlIjoiRUJEdTlsMktuQ1RGdVkzWHlYWHhZU05qRXExWXRRR2tGWGpGVTlyNWtVUXNIc2VvY3hmc2pHS0RFc3lvVkZtN0Z3N0V5eCtjZit5R2Z5T1RaMUh3UDR0M0h2Q3hITnk3NFBEck82WkVJUkRpVm9ta3FxNjQ1VUt5SElPaXkzWkgiLCJtYWMiOiIwNTE2NDQ4MWZjOGM0NjA5ZjY2NGJjZDlhNWJlMzM2YmRjNWRiODhhODU2N2FmOTZjMmMyNmNjMDhmYTJjYjYwIiwidGFnIjoiIn0%3D; expires=Sat, 21 Feb 2026 08:14:17 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Set-Cookie: Oj43oFuXVDeKhwCJrkrOhgmwm7dtAQCKMOzvYo8G=eyJpdiI6ImdraW9XV2N1SUkwS284N0V0bE0rWmc9PSIsInZhbHVlIjoicjdSOHZPenFLSURiTFk2SHlYY3RNQmxpMDZ2Yi8yb1d5TGlOWEJaTjIxWE5XSk5OUXQ4K0NEUktlTU1IaDh4Z3B0MjNxU0JkajhCQk5PN2pid2pIeGM1YktQNE5jN0IyOWQwelhicjczYjNRTjVQQjJ2NXpES1BHSkFXeU1QRG5HRUI4Q1hjOVRMWkxvemp2bnpoU2hybjlsczQ5RndQNnBSbGJkOTczMDkxYWtrRmQ2c0d0cDBIMEdnWXFveXFuSlJVd2tZQmlIQ2IzbGN1Z0s3UjJkeEhocWp3WEwrZHhyT25HdjdNRjNYZUQvbVFhTTZoUkhsc0d4Vkp1bVJxUk9YSDhXeTZBYkhHUmZIZk5tajJyMmhTTTQzMkYrSVlXcWVhNUx0QnNRbkRSQVhvQzhRUnNEa2p0dTZSZkMwbXluNHhjOTRVc3A3c3p3Q3lnYWJUZjlIdTczS2R6U3dMNTlEOFZVTkw0WXpmNmhuUEp2UGpNc3hrWDAyTFlBUnhNVzlDemJoVHlWODRBODFLY0txcSt4VWh2YklZaDMvbFJZdVNhSUxIVzdJSGhPZVB1bVh1eE5mTm1KRDJETGdTeitKSllMUC9qeHZRWFh4Uit2cHNIdmxpY3RDc1VFZThmMHNiNThMV1BiREU9IiwibWFjIjoiMzRiMmQ5MzQ0Yzc5MDIzODlhNWQ4NmU0OWVjMDFkZGQyYzYwNmRhZTU0ODgxYWQ3MDNjYmExNDk0ODBiZGJmNCIsInRhZyI6IiJ9; expires=Sat, 21 Feb 2026 08:14:17 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT Access-Control-Max-Age: 1000 Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Accept-Encoding Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish X-Cacheable: NO:Set-Cookie Date: Tue, 23 Dec 2025 08:14:17 GMT X-Served-By: cache-chi-kigq8000102-CHI, cache-sin-wsat1880087-SIN X-Cache: MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S1766477657.220085,VS0,VE430 Vary: Accept-Encoding Strict-Transport-Security: max-age=900 transfer-encoding: chunked
Found 2025-12-23 by HttpPluginCreate report
-
Open service 151.101.130.132:443 · shopeab.com
2025-12-21 00:41
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=UTF-8 Server: Apache Cache-Control: no-cache, private Content-Security-Policy-Report-Only: default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data: blob: android-webview-video-poster:; font-src * data:; connect-src * blob:; media-src * blob:; frame-src * blob: navigate:; worker-src 'self' blob:; frame-ancestors *; form-action 'self' www.facebook.com tr.snapchat.com pos.commentsold.com; object-src 'none'; manifest-src *; child-src 'self' blob:; report-uri https://o43862.ingest.sentry.io/api/239693/security/?sentry_key=deb2fc6b7d104f7ea6241356c26c14d0 x-robots-tag: all X-Request-Id: 3f419052-37a6-4dcc-88aa-f35b6d3b8832 Set-Cookie: laravel_session=eyJpdiI6IjlJa3dNQlhIUG50YlRvcExkS2tBZUE9PSIsInZhbHVlIjoiaVRTWDFkWTI2R2htUlhhOUFkMUJCUkJJQUhXMTgyWlZCbUJxcEtmMXhoV3EvRFdyTysvNmZMOXBJMXJvcDFwcHhmWHN2TzBrWjBQNTlxSlp3aElkbGdSdE5uRDh0eWh5UkJZbWxJTDlobVdLUVpNTXNlQW9qT0Z1TEYzd004R0kiLCJtYWMiOiI4MDI1NTcyNmM4NTMyZGJhZWVkMGJhMDA0ZDgwMGQ3NDFmMzMxMmVhYTU4Nzk2YmU1NzQ0YmQyYThjYjQxMDQ2IiwidGFnIjoiIn0%3D; expires=Thu, 19 Feb 2026 00:41:01 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Set-Cookie: p88M9b4KfPJJr7yOawx5b6OhdfDZSJpJvL4lmPP1=eyJpdiI6IjJiZ3BQUkJaZWxjWDBKUzdwVi9UVWc9PSIsInZhbHVlIjoiSFFURVZXZ2VJQ0NSYk1EaWRmQXhueElnUkRLbzgzcFNrVWlGVlhVdUJCMUkvdG5MUUE4U25sYVBwa2NmZnNWUFhQTVNvUHd5K2k2SXNCWm9rbkRaTlh1ZTR3UmVVQzlsYWJDMENUSVliVmJib2FRdHhMTDlvaXVqMDQwZjRrU1lwVEZDMEdJdjdSQ240ZFNEUGlZK04yOEx5cHlMLzFYZVR6aUZWWUE5VkFKbGFIeElVaG1hOXptdlhQK2p6TjVIMzlsOUhHY0laRE1lbXJnTkxmT1hFbHd6dmRtTnV6QzdSNUptSDQwUlZrb1MwVkI1S2tLcDFRZlZod2NCQ1JzcmhadXpvQWo3eFNiVDNCVkRSVkVwZGdQUXJMMDcwNTZXMjN2ZFBhaW5OMDhoaTBRTDFBYk1WTWtpZG13WFEwTnVsZGwxY0V2eTJFNERWbmZUVEE1OG1NMUJPS2hibXZidHpoemRSQXZTNy9UYThObmJxeHJLVnQrOTlPTDVkWklKZTNwTFo1OWR5TnlieDRmdW1sWnVMWlVnQmk3eW5ETXRNdkVFTmowWkdmN2F1K3VkQzdudC9pTjdpRGd5cnRZOFpCSHgwb2JDT0k1K1F0TXZReno5RHM4L0F0Qk1vMFIwMElRSmFacTNWWUk9IiwibWFjIjoiYzNlZTA5M2I3ZjViYzMzNmEwZThlNWMyMzFlYzVjMGI3NjE4MDJjOTllYjZiYzEwMmJlMWM0MGFkYjc2MDIwOCIsInRhZyI6IiJ9; expires=Thu, 19 Feb 2026 00:41:01 GMT; Max-Age=5184000; path=/; secure; httponly; samesite=none Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT Access-Control-Max-Age: 1000 Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, Accept-Encoding Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish X-Cacheable: NO:Set-Cookie Date: Sun, 21 Dec 2025 00:41:01 GMT X-Served-By: cache-chi-kigq8000135-CHI, cache-yyz4537-YYZ X-Cache: MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S1766277661.432497,VS0,VE439 Vary: Accept-Encoding Strict-Transport-Security: max-age=900 transfer-encoding: chunked
Found 2025-12-21 by HttpPluginCreate report