heilsplint.website
2606:4700:3033::ac43:b6b6  Malicious Activity! Public Scan

Submitted URL: https://zeguguyegdeguyezgygzeuy.s3.amazonaws.com/gerugfyegrygreyugfergerg.html?696519750561#TdiWlkYMHuFvrWeOwIwKHNVbwFhzDf&4vBuCEvlCtp&128694/306...
Effective URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source...
Submission: On July 19 via manual from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3033::ac43:b6b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is heilsplint.website.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.
This is the only time heilsplint.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 52.217.230.9 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 82.131.160.168 12301 (INVITECH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 23 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
28 5
Apex Domain | Subdomains | Transfer
23 heilsplint.website | heilsplint.website | 2 MB
4 trk-consulatu.com | trk-consulatu.com — Cisco Umbrella Rank: 116157; event.trk-consulatu.com — Cisco Umbrella Rank: 262105 | 3 KB
1 fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 1950 | 426 KB
1 route2content.com | www.route2content.com | 883 B
1 extensivelead.com | www.extensivelead.com | 640 B
1 hautgame.com | hautgame.com | 606 B
1 amazonaws.com | zeguguyegdeguyezgygzeuy.s3.amazonaws.com | 547 B
Totals: 28 7
Domain Requested by
23 heilsplint.website 1 redirects zeguguyegdeguyezgygzeuy.s3.amazonaws.com
heilsplint.website
3 event.trk-consulatu.com trk-consulatu.com
1 trk-consulatu.com heilsplint.website
1 use.fontawesome.com heilsplint.website
1 www.route2content.com 1 redirects
1 www.extensivelead.com 1 redirects
1 hautgame.com 1 redirects
1 zeguguyegdeguyezgygzeuy.s3.amazonaws.com
28 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-22 - 2025-04-07 | a year
heilsplint.website | WE1 | 2024-07-18 - 2024-10-16 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
trk-consulatu.com | WE1 | 2024-06-20 - 2024-09-18 | 3 months

This page contains 1 frame:

Primary Page: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Frame ID: 483CD769E1369F6558418602DEB92269
Requests: 27 HTTP requests in this frame

Page Title

Sams Club - Survey Rewards

Page URL History

  1. https://zeguguyegdeguyezgygzeuy.s3.amazonaws.com/gerugfyegrygreyugfergerg.html?696519750561 Page URL
  2. https://hautgame.com/TdiWlkYMHuFvrWeOwIwKHNVbwFhzDf&4vBuCEvlCtp&128694/306/omlspjgbxb.home.php?sq... HTTP 302
    https://www.extensivelead.com/3LKKRHG/WLNR36Z//?sub1=21&sub2=306-128694&sub3=1648-204017-256997 HTTP 302
    https://www.route2content.com/37HF1RW/285S9752/?source_id=1621&sub1=c6b9751133fc4d42acb9144a2474209b HTTP 302
    https://heilsplint.website/WSCFE2zxuOuoLNKEDnKsytPxMyma8D/?encoded_value=279768Q&sub1=c6b9751133fc4d42a... HTTP 302
    http://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub... HTTP 307
    https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 75 %
Domains: 7
Subdomains: 8
IPs: 5
Countries: 2
Transfer: 2352 kB
Size: 3197 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zeguguyegdeguyezgygzeuy.s3.amazonaws.com/gerugfyegrygreyugfergerg.html?696519750561 Page URL
  2. https://hautgame.com/TdiWlkYMHuFvrWeOwIwKHNVbwFhzDf&4vBuCEvlCtp&128694/306/omlspjgbxb.home.php?sq=1648-204017&lk=256997-21&page=643 HTTP 302
    https://www.extensivelead.com/3LKKRHG/WLNR36Z//?sub1=21&sub2=306-128694&sub3=1648-204017-256997 HTTP 302
    https://www.route2content.com/37HF1RW/285S9752/?source_id=1621&sub1=c6b9751133fc4d42acb9144a2474209b HTTP 302
    https://heilsplint.website/WSCFE2zxuOuoLNKEDnKsytPxMyma8D/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com HTTP 302
    http://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com HTTP 307
    https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gerugfyegrygreyugfergerg.html
zeguguyegdeguyezgygzeuy.s3.amazonaws.com/
153 B
547 B
Document
General
Full URL
https://zeguguyegdeguyezgygzeuy.s3.amazonaws.com/gerugfyegrygreyugfergerg.html?696519750561
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.230.9 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f34d79113b8ae0633d6115fd329c1a12e02864c6f63fb0718c662b68c022aa6c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
153
Content-Type
text/html
Date
Fri, 19 Jul 2024 18:06:08 GMT
ETag
"182fbc5f785ab4bd43a4c2d140e7ef3c"
Last-Modified
Fri, 19 Jul 2024 16:21:57 GMT
Server
AmazonS3
x-amz-id-2
XgFMAg/+/Sap/NPcQuswWfAqxrmLHLbNP9WSTVVz0J67VGkSQjo5inYnbib7ruULqUdg+iEa5Uk=
x-amz-request-id
NN00ZWZAJG61TWT7
x-amz-server-side-encryption
AES256
Primary Request /
heilsplint.website/
Redirect Chain
  • https://hautgame.com/TdiWlkYMHuFvrWeOwIwKHNVbwFhzDf&4vBuCEvlCtp&128694/306/omlspjgbxb.home.php?sq=1648-204017&lk=256997-21&page=643
  • https://www.extensivelead.com/3LKKRHG/WLNR36Z//?sub1=21&sub2=306-128694&sub3=1648-204017-256997
  • https://www.route2content.com/37HF1RW/285S9752/?source_id=1621&sub1=c6b9751133fc4d42acb9144a2474209b
  • https://heilsplint.website/WSCFE2zxuOuoLNKEDnKsytPxMyma8D/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A19...
  • http://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
  • https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
28 KB
5 KB
Document
General
Full URL
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Requested by
Host: zeguguyegdeguyezgygzeuy.s3.amazonaws.com
URL: https://zeguguyegdeguyezgygzeuy.s3.amazonaws.com/gerugfyegrygreyugfergerg.html?696519750561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0909e8184cc692d0f871ead0093c662e5da9b2415ae0b4786acb8056167e85f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://zeguguyegdeguyezgygzeuy.s3.amazonaws.com/gerugfyegrygreyugfergerg.html?696519750561#TdiWlkYMHuFvrWeOwIwKHNVbwFhzDf&4vBuCEvlCtp&128694/306/omlspjgbxb.home.php?sq=1648-204017&lk=256997-21&page=643
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8a5ca4db9f1717a1-EWR
content-encoding
br
content-type
text/html
date
Fri, 19 Jul 2024 18:06:11 GMT
expires
Fri, 19 Jul 2024 18:06:10 GMT
last-modified
Tue, 16 Jul 2024 14:10:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JY%2B1GXEUmYW8MLfpO8mMzZ1zCqcX6OEhvnAj74remq1nahCsZE78G%2BrAcDtVcS0OhA%2BMMjk2qBYAqXdXjZKAAdOixJKnjdhWUzz%2B1B3gda1SNTSfte4mZLUYSq4OrWu0%2BAy0STUvnR927v%2FaTT2qKjM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Non-Authoritative-Reason
HSTS
style.css
heilsplint.website/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://heilsplint.website/css/style.css
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9735541417e32613ec63e62e3ba9dce552ded5f7b4d8165c6a5a5f4018665ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 14:10:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66967f62-3ee5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZgX7A7IA0yliFOv6r9VNloycAePfUMGjCFAmD6k7pkOCgU0LJCeFOIAJ55N6HjkjLnftpraLkUcFQIxHWuvS7KREfHEGx5kVkUpW0PfMBn1LhojNkKU5KBCYEODc2Q0A2XJ6XPh8%2F3TTSwWsv5RbAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache
permissions-policy
interest-cohort=()
cf-ray
8a5ca4dc9fc117a1-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Jul 2024 18:06:10 GMT
animate.min.css
heilsplint.website/css/
70 KB
6 KB
Stylesheet
General
Full URL
https://heilsplint.website/css/animate.min.css
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 14:10:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66967f62-11846"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snNjLk8vZ%2FtOUBDLwn%2BlR%2BOXbmUjRPdZCES68YzqzAKMNjpYyvdCygTC7o3x006OcjFvtkU%2BN5z7qxNl6DddVsvoGjjidUffQ7qJo4ZKt9eiTeXNvZAeRKrPgGR2Oajam6ir9Z5UIFae%2FgySFL8U6Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache
permissions-policy
interest-cohort=()
cf-ray
8a5ca4dc9fc217a1-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Jul 2024 18:06:10 GMT
all.js
use.fontawesome.com/releases/v5.15.4/js/
1 MB
426 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer
https://heilsplint.website/
Origin
https://heilsplint.website
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
265810
etag
W/"5e29440867fdb02a48dffded02338c31"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1xW%2BtXP3M9PfDLWX%2Bu%2B6hqz8cZdIjRWg8KoAK3wpgQbOxmvf47G6Ik2boZbGZ0MX0lWrI2saexuM2CMLla53uGxFgMbNSGu3R6KgSmMKioTXRC85W1mmyrByyf7jUS6LZ4Cu20D9SQC385RLU%2BteOa8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8a5ca4e19f410f47-EWR
alt-svc
h3=":443"; ma=86400
datehead.js
heilsplint.website/js/
2 KB
1 KB
Script
General
Full URL
https://heilsplint.website/js/datehead.js
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e095b91cc9a20149cef660cd11b5ea0dfb7b13b511d2841913984bf78354740b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 14:10:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66967f60-999"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1Umds4FppPc3zC9kV0k32FY8Z7mRGZa6Dh5ybM8%2BFeoA3gabZdz1ZmxOB7EmnawEmAePGFVJKcugwaMeLLM1E7MqRxWEpm2oOsK1AdQv1pdgwOHmyw9t%2BZOSaDZ6WKxeK2JveHJeN0G%2BMMW1GzpFW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
permissions-policy
interest-cohort=()
cf-ray
8a5ca4dc9fc517a1-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Jul 2024 18:06:10 GMT
logo.png
heilsplint.website/images/
16 KB
16 KB
Image
General
Full URL
https://heilsplint.website/images/logo.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecb0e88e950ef5341985a33c6aa1f2e6c6d172fe13e5754544986053309848d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16309
last-modified
Tue, 16 Jul 2024 14:10:46 GMT
server
cloudflare
etag
"66967f66-3fb5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lv17zo2r4G%2F2StjRpnt1TqoBvAeLaF%2BwDpn4NFilmfYXFo%2FNFnUEfv0lHTlUc7UwRHJ9VUjH8vXTy0fJSe%2BvqRVZj2aqvwL0W4pMx3dY%2Bvw9tMIinQf1UzMhRVA%2FoUZgDxBy9ZmLDpLOehoSxc3jc88%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4dc9fc617a1-EWR
expires
Fri, 19 Jul 2024 18:06:10 GMT
flaglogo.png
heilsplint.website/images/
2 KB
2 KB
Image
General
Full URL
https://heilsplint.website/images/flaglogo.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1781
last-modified
Tue, 16 Jul 2024 14:10:48 GMT
server
cloudflare
etag
"66967f68-6f5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7n3M9i6NsEXDtFbZb3YvXieUCMuhJH6ZF8gYQ87oNaNOm%2B7isEVU5wdM6kkyFE%2FL28TEBviDqy8ztEVCJtrAbvEiWAa9lupZYlZ70lI6KzknHid2m%2FdRKRoJU6BtvNU1X3dTNYA9pA3U3Qqrc8qLJ%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4dc9fc817a1-EWR
expires
Fri, 19 Jul 2024 18:06:10 GMT
product.png
heilsplint.website/images/
464 KB
465 KB
Image
General
Full URL
https://heilsplint.website/images/product.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9934e084b0660bf653642f6f047fe281ecb990ffb3b2005d3230c910181e9010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
474933
last-modified
Tue, 16 Jul 2024 14:10:45 GMT
server
cloudflare
etag
"66967f65-73f35"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpZFYKKF0NUC6i1nb%2F9ORlxvKhqVXmrXWeS0KX%2FsXcZXbXwo0iavxsUu9S7zX%2F6gZMHuuFsfYofN0RUO09WsAg99SLIzc%2B9rdFAJdpUHE%2B4u9ldd4ggUsq3fFW8bdc2AkqRWI9Wfj2jr0HpUKP%2BQ5Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4dd586b17a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
loadingBL.gif
heilsplint.website/images/
122 KB
122 KB
Image
General
Full URL
https://heilsplint.website/images/loadingBL.gif
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1713fcdfdf4715b08d5a6275e3b5a170cb38ec4c37414c25ac281402a2d315d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
124659
last-modified
Tue, 16 Jul 2024 14:10:44 GMT
server
cloudflare
etag
"66967f64-1e6f3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2wWdO0J9mjneTH42ATdSylCT9t6kdNWHx4bsKyvvYvzDKSGg%2BCek8XTkkzhVLiJ2T93Eh%2BkjmUm5hI8p8EPQ2YXk%2FmWgIOvWmeewmkswKgJsr2E23zfgGle7%2Bm7UGPVBSf4NLxFMgaGGSlinIyIBco%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4dde8e417a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
prize1.png
heilsplint.website/images/
459 KB
459 KB
Image
General
Full URL
https://heilsplint.website/images/prize1.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fc8a6757a74c38bec584ff39eaf193349ff8d393a39e1e2fe634c8629c3caef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
469541
last-modified
Tue, 16 Jul 2024 14:10:44 GMT
server
cloudflare
etag
"66967f64-72a25"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFF7Ii%2Fwhtuh3%2BW5murYLAvSMJYI017KevTl7rAKgslFudv1Z54iYWmerQkuwdeMKjfZe8MqNm9r1o3ublE4rMsI%2FotWlv3pdztnn2DSUaTKSg4RVhG3e9quOIq3%2B%2BDSYGEkW8vumfVIeiOxX04L9Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4dde8ea17a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
1.jpg
heilsplint.website/images/
43 KB
43 KB
Image
General
Full URL
https://heilsplint.website/images/1.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
43861
last-modified
Tue, 16 Jul 2024 14:10:48 GMT
server
cloudflare
etag
"66967f68-ab55"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmKYyBJrZPQ1S5MRTCs%2Fvq6vEU%2FjioDHJlK3NNZ5YO2OKcNfUTcX8zbLhDTVOA%2BHuc74h48viQ1jh9kTU5W7KEtCF65cS9S70TYC6RamhUeqTRumHSHQrHfkhBvUrNrv5Yy5j1RxINrl9kWavFflhMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8ed17a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
2.jpg
heilsplint.website/images/
31 KB
32 KB
Image
General
Full URL
https://heilsplint.website/images/2.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
31837
last-modified
Tue, 16 Jul 2024 14:10:47 GMT
server
cloudflare
etag
"66967f67-7c5d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXjFF0RxhsnZZewj1AMjcIh2GZ6rwEMe2c0OgEOkgV1DCdJwpeUspe0OhgBvOQtJgRCR%2FftxKTQWJ5LivpeaXpFNzgyVS8LTZ38%2FrnS8HEA8XqoMr3apu9M9zBuIirsmE91BJVaupvReDVP0xrmygQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8ee17a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
comm_pic_1.jpg
heilsplint.website/images/
104 KB
104 KB
Image
General
Full URL
https://heilsplint.website/images/comm_pic_1.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74d01ece7d9ae3c46651d50b3809fa8634ec556e6f81c2e7b9e48916cb5c755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
106016
last-modified
Tue, 16 Jul 2024 14:10:47 GMT
server
cloudflare
etag
"66967f67-19e20"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mWdUVP0e%2FW%2F7Mdbu0WiCOEF40TaFh19Q7IZJEGLxlrPnb5X%2BKITiUgYt5VxWsSnP8syslmKLJ8HICjUPeZNqGYeNroTWOmndwhu2BcE%2B3%2FxVyE2tRwOyVvUH4o4Tc8uMhxB3sqjP9XHT7Ced6AvCoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8ef17a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
3.jpg
heilsplint.website/images/
64 KB
64 KB
Image
General
Full URL
https://heilsplint.website/images/3.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
65241
last-modified
Tue, 16 Jul 2024 14:10:47 GMT
server
cloudflare
etag
"66967f67-fed9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3YfCOCYIEoNa1VRp0KKseEU%2Biu4fPGRPYyteY2JCMaoHLipo06PuGKkIW8VXC7H1o9u5EDK%2BnqCfso8HXSXKLGjCD3InM67WXanNfLXV2dImR11NiSgA0alUXgmuMtCJPJHQoUT9Fzr%2FCD1ofZLPeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f117a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
4.jpg
heilsplint.website/images/
36 KB
37 KB
Image
General
Full URL
https://heilsplint.website/images/4.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
37344
last-modified
Tue, 16 Jul 2024 14:10:45 GMT
server
cloudflare
etag
"66967f65-91e0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZWiB1PmhGRtZoZW20RlaNwDtWI%2BFLFz7qKbOl7CdDIrnIDvFfft661SYM1aiJ%2B8%2FUWJAsqtnfas7OhReR%2BmKukhBCTQU7%2FC%2BgF7TCvd4jSQuRdr8ofP8apOzRJV7PZAf32YBmQ2rJC2vx2Owo4t4gk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f317a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
comm_pic_2.jpg
heilsplint.website/images/
115 KB
116 KB
Image
General
Full URL
https://heilsplint.website/images/comm_pic_2.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c79b2fc5bdd079f00e69574571d627c641c6784a98c418b2c214cfd596bcdbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
117892
last-modified
Tue, 16 Jul 2024 14:10:50 GMT
server
cloudflare
etag
"66967f6a-1cc84"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANw0djCBdcQaCZyDmXHRLvvDkZh6B0NmoqIO1loyk2a%2F39acv8xg281Q9kRMxFFkaukILMB7UOlkofTuzSqN0WOxmzB4sptB640jQpRx%2Fmd1GmD7a6stP1h21SdtXmB0j%2B9T7lcdRJlLm9QQ8b2ctFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f417a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
5.jpg
heilsplint.website/images/
44 KB
44 KB
Image
General
Full URL
https://heilsplint.website/images/5.jpg
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
44747
last-modified
Tue, 16 Jul 2024 14:10:43 GMT
server
cloudflare
etag
"66967f63-aecb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18K7WvL2CpqTANlxAFPQi2HzDq%2By2I%2BNk5aYQM10ZeXY71YZRh%2F346nSAivWp%2FfFHdeglhasvUwr9OKhNs74upHv22U1K5scMgFVUGpNBlVGHd9zdcnMXFwXTNfHxgp1dzRy0wwiQtTf5INprS%2Bn6jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f617a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
f_guarantee.png
heilsplint.website/images/
6 KB
7 KB
Image
General
Full URL
https://heilsplint.website/images/f_guarantee.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6352
last-modified
Tue, 16 Jul 2024 14:10:44 GMT
server
cloudflare
etag
"66967f64-18d0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNY7C3e%2FnIcfXdviGENLJ8qBkg6x8mupYaCSnT8vse8J7%2FjE69CTwDtsTu7CFCuZ5QhAq3t4RMyDgF3a3IjP6A2eS4x4q3%2B9Es5%2FNdTxazn95ZQ66k%2BeNxdwFR7FhBZkhg3i4riFpAWW1CehFmTr%2BHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f717a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
f_secure_1.png
heilsplint.website/images/
10 KB
10 KB
Image
General
Full URL
https://heilsplint.website/images/f_secure_1.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9862
last-modified
Tue, 16 Jul 2024 14:10:46 GMT
server
cloudflare
etag
"66967f66-2686"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLkvk1KOzgzA%2BnbOit1wHuugnRT1Jt6HIdNyIh2vX0%2Fmr%2F%2BcfTExO53CQzwYtaBFxHhS29J9b22WpdBA%2B%2BIf4d3qBU2qPgkDn%2F7Q3eYjGK2yD6HagI3QYbMjDa3SibxxAFiHT5uYtkL%2Bbac4PO0neQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f817a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
logo2.png
heilsplint.website/images/
20 KB
20 KB
Image
General
Full URL
https://heilsplint.website/images/logo2.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28257dcafd891e72074c8c1e2c0926073e890b37a0ae3e97c471787104863813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
19997
last-modified
Tue, 16 Jul 2024 14:10:46 GMT
server
cloudflare
etag
"66967f66-4e1d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mB0g%2F%2FHmLQLmRonRicc9hEE6ILlSXDoA%2F3nmMP1TY2F9F%2BiCKM0gixXMFFTe8mCtWsi311Q4Xd%2BBKHw6QJwVSMKp30t1V6ExZkoE8DFIh%2FERSKgzo0%2BaXuECwH1U3Q17ccxQFQMC7cRWsaZqJ2jVGpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8f917a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
script.js
heilsplint.website/js/
10 KB
2 KB
Script
General
Full URL
https://heilsplint.website/js/script.js
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5cdafc3b03041d5bfd24e712ee1bbcd321cbe9a10195ca77bab85eca7584e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 14:10:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66967f61-267d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQvZFPOhqXbs5OctoB%2Bz2MXn9Skgrjs4OtUaAc6OxXXGWxiz%2FW%2BSXoo6ZPvUKC99qLt2pFQfrKwVOhBWjdaDXiwkDcJ3kFB22K%2Bgt1K845QjW%2Fmbz9ow8hTocPcXXjC0Bm4y2ZGyrUO8fYSnzWZZ1HA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
permissions-policy
interest-cohort=()
cf-ray
8a5ca4ddf8ec17a1-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Jul 2024 18:06:11 GMT
bg.png
heilsplint.website/images/
360 KB
361 KB
Image
General
Full URL
https://heilsplint.website/images/bg.png
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e85bd3f9ef3b3da4c3ec42a264fd9ec0550cd62519b1cb92baa5c9df4d8e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
368571
last-modified
Tue, 16 Jul 2024 14:10:50 GMT
server
cloudflare
etag
"66967f6a-59fbb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6SaBiELywtnQNGu3TmThzlwgkVAbPfCep5MnfWKNNYnReZof7swu7IeUTkZRFdIL5OqE0EfcE40Am%2FLbAB7HYR%2BzaKnLMPNs6aXj8UDUnKMKpXpTZfAnIsTwHlnSuYX6hWdlFkma5ew%2FjAEnEfCe3L0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
8a5ca4ddf8fa17a1-EWR
expires
Fri, 19 Jul 2024 18:06:11 GMT
64d5p99gj0
trk-consulatu.com/scripts/push/script/
8 KB
3 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=heilsplint.website
Requested by
Host: heilsplint.website
URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b14a6c6e865003421ab287785a0ae730f3e5d5c83d499043aa0dcc52ce3fb9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heilsplint.website/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2518
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 19 Jul 2024 15:41:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZOOEqpHbB5F2A46UBoMMF6pPze7JabvKGW1U6v84wACt7sGX7OEfJBupHiA9%2BNANLPkhQ%2BwnAd7nUgqRs4DvFZGx65W72O3h4Jd1Mglbz45Sc20FPQVadBj%2F6jaWpxibCSp%2B7ohiNQTZZUjg5DUrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8a5ca4e12ea243a7-EWR
expires
0
favicon.ico
heilsplint.website/
555 B
612 B
Other
General
Full URL
https://heilsplint.website/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b6b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e209d6d6e97cb95d6246e176f50383d75b0ea94345c7cc1c0777e178935db3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:06:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jo6HzjDwViMW4%2FejsVdA7PN2WDst9rXXdUBfmGjU%2FNP4WWN5Pio84AGshVikRzwQW0HbIYeqcylfE67moYggYfRiQHkn7yXg31Ir7F002%2Bf6eVhe1M2rB2D1No5YNoX1eBplRxh74AmlI66uxnpZ9j8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
permissions-policy
interest-cohort=()
cf-ray
8a5ca4e3edbc17a1-EWR
alt-svc
h3=":443"; ma=86400
64d5w03vdj
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5w03vdj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://heilsplint.website
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a5ca4e868ad0fab-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Fri, 19 Jul 2024 18:06:13 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2FUd60A3akkXaTzn576FQyUcO4y9w70vUvKI9hrekUWVbyy8DNYY15et3mlZiy8BgPhnCEvJIJk3ykRLUxy3t9ZJuYVS3gHPQv2KYV2IXcEU0bLzN2smwGuEto5FOOOcOOjiwGrzf6S9m8shonaa772yVE79w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
64d5w03vdj
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5w03vdj
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=heilsplint.website
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heilsplint.website/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 19 Jul 2024 18:06:13 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6DXk9vrIJhC%2FQxtYAHH3G220CQjxz%2FxuHeM2usL5eiPaKU4k%2FvujNYHE86dA%2FaJUduOaai8Jq9w3vT2bVLLWMeXrS7DXM44M33otaF4vgsuJnHCikLp%2B19zv6Rg%2Fv%2B490N4n4RWG3xXmGShGlcvdQlhkrAfeg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8a5ca4e919710fab-EWR
x-pushplatformapp-params
64d5w03vdj
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5w03vdj
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=heilsplint.website
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heilsplint.website/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 19 Jul 2024 18:06:14 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxdEsIQWB3OPieaAB5QaCMfA7OM%2FnuHdlyBC%2FhhhyfN7TC2FjJuxK4%2FgeE60z958GGdIZHmLyt9iwjtef9uAI5fb%2B1wby0OH9jmdTgr8lgftSTp2g9aF9Mgocisag2WoD1JcKxgeXw9txlPB%2FBvi2myBO2vd6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8a5ca4edce280fab-EWR
x-pushplatformapp-params

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function datehax
function datenhax
function datenhay
function startTimer
object answers
number lastQnum
function toNext
object states
object dones
object loadImg
object loadBgCol
function drawloader
number qn
number dsq
function urlBase64ToUint8Array
function pullUrlParams
function push_subscribe
function push_subscribe_promise
function setIfNull
function logPushEvent
function push_unsubscribe
function push_init
function setSessionId
function setUtm
function getSessionId
function getUrlVars
function getDomainName
function getStore
function setAttributes
object ___FONT_AWESOME___
object FontAwesomeConfig
object FontAwesome

3 Cookies

Domain/Path Name / Value
www.route2content.com/ Name: uniqueClick_285S9752
Value: 3870acea-79d5-4709-9815-527e9e6ac622:1721412371
www.route2content.com/ Name: transaction_id
Value: 00c000320ef64a3d84cefb5e2d336986
heilsplint.website/ Name: SESSIONIDS
Value: WSCFE2zxuOuoLNKEDnKsytPxMyma8D

2 Console Messages

Source Level URL
Text
network error URL: https://heilsplint.website/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://heilsplint.website/?encoded_value=279768Q&sub1=c6b9751133fc4d42acb9144a2474209b&sub2=&sub3=&sub4=&sub5=19857&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
