hebrewgoo.shop Open in urlscan Pro
2606:4700:3031::6815:1692 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/azeertrtyuyiuioklmhjkdfcvbnwx.html?07675164947173686882919568451569050287...
Effective URL:
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source...
Submission Tags: falconsandbox
Submission: On July 22 via api (July 22nd 2024, 5:26:13 pm UTC) from US — Scanned from US

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::6815:1692, located in United States and belongs to CLOUDFLARENET, US. The main domain is hebrewgoo.shop.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.

This is the only time hebrewgoo.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	52.219.194.152 52.219.194.152	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3037::6815:5395	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	82.131.160.168 82.131.160.168	12301 (INVITECH) (INVITECH)
1 1	2606:4700:303... 2606:4700:3035::ac43:dc0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	2606:4700:303... 2606:4700:3031::6815:1692	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::ac43:d1d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	4

1 52.219.194.152 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5395 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hautgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.131.160.168 (Mosonmagyaróvár, Hungary) 1 redirects

ASN12301 (INVITECH, HU)
PTR: omc2-ird-word.taskmass.com

www.extensivelead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:dc0f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.route2content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3031::6815:1692 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hebrewgoo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:d1d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	hebrewgoo.shop 1 redirects hebrewgoo.shop	3 MB
4	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 116157 event.trk-consulatu.com — Cisco Umbrella Rank: 262105	3 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	426 KB
1	route2content.com 1 redirects www.route2content.com	866 B
1	extensivelead.com 1 redirects www.extensivelead.com	640 B
1	hautgame.com 1 redirects hautgame.com	598 B
1	amazonaws.com s3.us-west-1.amazonaws.com	547 B
28	7

	Domain	Requested by
23	hebrewgoo.shop	1 redirects s3.us-west-1.amazonaws.com hebrewgoo.shop
3	event.trk-consulatu.com	trk-consulatu.com
1	trk-consulatu.com	hebrewgoo.shop
1	use.fontawesome.com	hebrewgoo.shop
1	www.route2content.com	1 redirects
1	www.extensivelead.com	1 redirects
1	hautgame.com	1 redirects
1	s3.us-west-1.amazonaws.com
28	8

This site contains no links.

Subject Issuer	Validity	Valid
*.s3-us-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-06-10` - `2025-05-20`	a year	crt.sh
hebrewgoo.shop WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
trk-consulatu.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Frame ID: A979A4C3402DF60A61E613FC5B686D2F
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Costco - Survey Rewards

Page URL History Show full URLs

https://s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/azeertrtyuyiuioklmhjkdfcvbnwx.html?076751649471736868... Page URL
https://hautgame.com/4hRcnR128871imBv261dhwghmxyea1650VGYLBBCBCUTLQJS12224%2F257250P32 HTTP 302
https://www.extensivelead.com/3LKKRHG/WBTCGX2//?sub1=32&sub2=261-128871&sub3=1650-12224-2 HTTP 302
https://www.route2content.com/37HF1RW/25XCWZJM/?source_id=1621&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8 HTTP 302
https://hebrewgoo.shop/lbnLOVa1lR/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2... HTTP 302
http://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub... HTTP 307
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

3168 kB
Transfer

4015 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/azeertrtyuyiuioklmhjkdfcvbnwx.html?07675164947173686882919568451569050287288260195190 Page URL
https://hautgame.com/4hRcnR128871imBv261dhwghmxyea1650VGYLBBCBCUTLQJS12224%2F257250P32 HTTP 302
https://www.extensivelead.com/3LKKRHG/WBTCGX2//?sub1=32&sub2=261-128871&sub3=1650-12224-2 HTTP 302
https://www.route2content.com/37HF1RW/25XCWZJM/?source_id=1621&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8 HTTP 302
https://hebrewgoo.shop/lbnLOVa1lR/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com HTTP 302
http://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com HTTP 307
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK azeertrtyuyiuioklmhjkdfcvbnwx.html
s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/ 153 B
547 B 742ms
226ms Document
text/html 52.219.194.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/azeertrtyuyiuioklmhjkdfcvbnwx.html?07675164947173686882919568451569050287288260195190
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.219.194.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 153
Content-Type: text/html
Date: Mon, 22 Jul 2024 17:26:01 GMT
ETag: "182fbc5f785ab4bd43a4c2d140e7ef3c"
Last-Modified: Mon, 22 Jul 2024 16:30:05 GMT
Server: AmazonS3
x-amz-id-2: 7gqEh+ptFhjKv65LXHGg4fiQ1dd93xkLspNvnboYBz/wZ2GxfwzQNb7mA/IPN21uR8Gt9Fj1/Uc=
x-amz-request-id: 726N48EW8NA3Y5TJ
x-amz-server-side-encryption: AES256

GET
H2

200

Primary Request / Show response
hebrewgoo.shop/
Redirect Chain

https://hautgame.com/4hRcnR128871imBv261dhwghmxyea1650VGYLBBCBCUTLQJS12224%2F257250P32
https://www.extensivelead.com/3LKKRHG/WBTCGX2//?sub1=32&sub2=261-128871&sub3=1650-12224-2
https://www.route2content.com/37HF1RW/25XCWZJM/?source_id=1621&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8
https://hebrewgoo.shop/lbnLOVa1lR/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2conte...
http://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com

29 KB
5 KB

219ms
218ms

Document
text/html

2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com

Requested by

Host: s3.us-west-1.amazonaws.com
URL: https://s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/azeertrtyuyiuioklmhjkdfcvbnwx.html?07675164947173686882919568451569050287288260195190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa279c0cffdb7a0988b918d6fc1789776baf44f6072e5caa6c38caecae30b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://s3.us-west-1.amazonaws.com/dfhdfgbdfghdfghdrgssza/azeertrtyuyiuioklmhjkdfcvbnwx.html?07675164947173686882919568451569050287288260195190#4hRcnR128871imBv261dhwghmxyea1650VGYLBBCBCUTLQJS12224%2F257250P32
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a7522366ee38c18-EWR
content-encoding: br
content-type: text/html
date: Mon, 22 Jul 2024 17:26:04 GMT
expires: Mon, 22 Jul 2024 17:26:03 GMT
last-modified: Thu, 23 May 2024 08:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NaY33W4jI9Vk%2BRO8ZIk07eClctDq0YxOFrtF%2B7TXp2wXf4x%2FQg3vRa79DwHa6GxtJ3mgwt3FHdtjUg7%2FObZr0kLhFgwbd2JPZVo4%2B0cME%2Fuo91wfuBWhQcEvXtpQEL6ImJBHmclGVLJM7R7LQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Non-Authoritative-Reason: HSTS

GET
H2 200 style.css
hebrewgoo.shop/css/ 16 KB
4 KB 236ms
235ms Stylesheet
text/css 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/css/style.css

Requested by

Host: hebrewgoo.shop
URL: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d356043132fc7d3b91bdc65041830a2ed5ed95ac6dabbf4c268a70edf047952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-40cd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6kc6lEH%2FwLP8sqTFUw4BwSsPIATmlRqymjvu0YS7oBuB8diBq2qk3KxRz%2BJR%2FjbALQISiICcHkBT9ohmlSKrMA2rgSRJs8QSYYEsFECP1FmxXIU0KWhDzN5%2F5mwk9qrhCeokOpWjk0vkB1Iqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a752237d8708c18-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 17:26:03 GMT

GET
H2 200 animate.min.css
hebrewgoo.shop/css/ 70 KB
6 KB 339ms
339ms Stylesheet
text/css 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/css/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvywqwRM4JUUw34ZO9smkwA2uMhqI2USKrjdHF2J4mBY2uagvhYSOBbMuVRPbwu9eOY2xx08JyennLmVKIIHYTYSRjZx9lA6HxnLa74dYvTV6scQbKMqeJ4R7FynkN8M5TsQXNfKdEhJjl3eHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a752237e87b8c18-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 17:26:03 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 738ms
124ms Script
application/javascript 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: hebrewgoo.shop
URL: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer: https://hebrewgoo.shop/
Origin: https://hebrewgoo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 315096
etag: W/"5e29440867fdb02a48dffded02338c31"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yzm1WbKMLwJHPIaFf7pti4rfvpvnX%2BTS2yuu9N3R8Bgl1rw3ddYZsdWqhEvuwrrpLtLhJrqXv8eUoiRNGTuejzH%2F59A6h2Iwr2NrrEaZQLaJOBq7EYa5ZZyWxGoX05fDsVJym0%2FQY70GLfBa872P2T%2FY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8a75223decc3c44f-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 datehead.js Show response
hebrewgoo.shop/js/ 2 KB
1 KB 348ms
348ms Script
application/javascript 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/js/datehead.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2215549496077a7d057c08a85d3fe2609a7268ce1be9c17c8269e8ba49219d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-993"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffSA%2FxksCdfHAr9JossKqFok3En%2B56Qw4ALBTm5aePVROVSGSUaqzD7K8YyB4d6mM6339HkOKBEYnzto7IYSb93X0Vl2KzvtSEsjsfBIqeOR9a6IJbFH3UQjZ4InbfE8FPLRFjfePow7LIjLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a752237e87c8c18-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 17:26:03 GMT

GET
H2 200 logo.png
hebrewgoo.shop/images/ 70 KB
70 KB 348ms
348ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0f5b2cd5f170b66008034343ff81a3f68d217f9d05a9c73a393995cdc18e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 71742
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-1183e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJzGmjrKYkDdNi7TImhwVsnGSa5ccB8S0dpV6ZX%2B8IZpzi1TuplVeIuWT6JEAKv%2BLUu43a3qIEKVhniKztccyKlIBxoXc%2Bc6VdDIXch0e%2FG6yic7ULlGUmEj1mh4aSV3xd6NnPON%2B82bhe9KXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a752237e87e8c18-EWR
expires: Mon, 22 Jul 2024 17:26:03 GMT

GET
H2 200 flaglogo.png
hebrewgoo.shop/images/ 2 KB
2 KB 235ms
235ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/flaglogo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1781
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-6f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZA4cBz%2FdQy9o0FZsfnZrqXPdCgHOZkHjj3ZU1QwGi7MFNDYWg4xTYcP8RA7eK9J6HBtllt3jB2Fakwfd7A4va%2Bi3DFr1m1qzJVMb7MlSDpz8yWi0HtIVSabgCbGMioD0pKRdtUFkMKU%2FKyCOeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a752237e8808c18-EWR
expires: Mon, 22 Jul 2024 17:26:03 GMT

GET
H3 200 product.png
hebrewgoo.shop/images/ 849 KB
849 KB 607ms
607ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/product.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f12b848c302893e70e4f8755d5a0cf3aede858c5c2d31f3e3bcb372c2fc1fc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 868963
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-d4263"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BwMlW13%2F9crN7C0dWi3Wej1YUDesa%2FMBuBAbzWpLMVumUtPO4K%2FUvRI4fgI4SW%2BWdY3rVAane65ETnPt2nijxvG%2Bq2DJmFd2nd6udVVEonEkLM%2BT4FZfjCbL5AYSQiB3xIqTuE%2FfMd8CluOBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a7522394ec74246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 loadingBL.gif
hebrewgoo.shop/images/ 122 KB
122 KB 605ms
603ms Image
image/gif 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/loadingBL.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d769b5e89c5845baca4f51f91d02fdf4a4cbeb9db32c30e1c1c1f7a539518216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 124490
last-modified: Thu, 23 May 2024 08:47:52 GMT
server: cloudflare
etag: "664f02b8-1e64a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nu6tUL%2BJpcz5HS4sYfIE6KpZGDDr%2FB%2Bk19pTDoW88RcLqZoo5eVkImFyw2otGbpE9UPpwSygqGPvnuf5%2F6ie05EP3B13dhomP9VIktG3Yjoe9ea%2FUyWJ5ln6RgbcfB%2FkbwYaL3Psu8QZ%2Bxsg9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a084d4246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 prize1.png
hebrewgoo.shop/images/ 849 KB
849 KB 669ms
666ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/prize1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad15a1c8abf4e322a54dd3e3d7284d78d6e7a8cd08d479a33d736664c451925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 868991
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-d427f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36omzr7iOhkSQ%2BviR5TlR2ag%2B0bGe2uofyPXqcYIChQuXWuq6shZVOUdzDGr73xIRzqaDIQNmGYurFWOnuck6qgp%2BFrvtKICQjL9YQ8KAbOoQXaAwkPmfEkziuztF9J45mHtNs0Z6%2BcEJm%2BowA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08514246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 1.jpg
hebrewgoo.shop/images/ 43 KB
43 KB 670ms
667ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43861
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-ab55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKPl6WYflUo%2BdZiF6HWmgx878ru%2B%2FEu2Sx%2BuqVi%2FW%2BycR1ghsd8ghoxmOw%2FakFNlq2L4Ob0qbtDEhskDb2WOTQsnsW6VMy81PGjBxn8BmYNIywKMr48YQuaF5XSHSDXS09uFWO1oMIhA%2B6UkDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08564246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 2.jpg
hebrewgoo.shop/images/ 31 KB
32 KB 671ms
668ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31837
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-7c5d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUSirday%2BDY1rD16GMIR%2Bj%2BUIzMn6HF6mswYDip0CBYZritJp7gJG8zF%2F7kjkuIyeEFOj5OvuUmcJMTASpVu2Qw9yHYzQrpM6VqlTWLtzhj50JazcuK0uut4bD2VJ%2FYJ7z2X5VLkUIAbXgi6zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08574246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 comm_pic_1.jpg
hebrewgoo.shop/images/ 133 KB
133 KB 671ms
668ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/comm_pic_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe9894030d91219a28cd448944ee1e68b4a835d0a365bcf7ed8e0eede0a8d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 135845
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-212a5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1TAl7hmrDPiNGDNJPfrJnRgjfIgZDB99wbiOjaP41s5S%2B56dFS%2BFv3vDdmjBUKREtikiawxL7woRH32lEspvO36uZjXnoReFhQGixdku%2Fvz1Q6gnEpvwxD3nQIrSf6uY0JJ3ZFZRB1HqyDnLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08634246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 3.jpg
hebrewgoo.shop/images/ 64 KB
64 KB 1642ms
1639ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 65241
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-fed9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNo7MIXC%2Fa%2B1IvBYiRADFZbqgiF1ONlmnzkKjbd8f8HwvJhN8sNG6omzX3bTHvN7ba%2BBnd0yLCR0qC8zIeGKlddHqmRHe0qhpGVl6wwWGjwRJqry3T3h8%2FUlUQNoRQRm%2B0fdUrZ8i%2Fl%2FVsgDsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08664246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 4.jpg
hebrewgoo.shop/images/ 36 KB
37 KB 1667ms
1664ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37344
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-91e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhbkSN7wPIYVg%2FV6ug7qu2bIgn5yqi4V2kFO1qNljDL3jwWc6RePXVdKvNr8zQxxMIHWGCPPtu0%2Bpl%2BZbNeX2dFMzDfC3TXairKoJ1VKD6dgDJKm7M4nhlr5pbKfZv6isPyKhsTcIThgHbAWRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a086a4246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 comm_pic_2.jpg
hebrewgoo.shop/images/ 89 KB
90 KB 1668ms
1666ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/comm_pic_2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c29bd68979b782c55e08a2d267b302f836a5595591b8755dd61cd979fef8ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 91296
last-modified: Thu, 23 May 2024 08:47:55 GMT
server: cloudflare
etag: "664f02bb-164a0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZO0LtU2LDBtcmUh1VFplAQH399okYR9SpAToX%2Be9EH7GdUGp1Ru%2BGCmxx6PgqBNRy%2FpylgvcQhbhaoyFdogsI9CZFe3FVLADSKeXWg5np8kdArhIK87tUBoc4O7S9sS4dNpMmCfHYQvXvpH4Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a086e4246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 5.jpg
hebrewgoo.shop/images/ 44 KB
44 KB 1675ms
1672ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/5.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 44747
last-modified: Thu, 23 May 2024 08:47:52 GMT
server: cloudflare
etag: "664f02b8-aecb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QjjCEAF%2BFDeVqdVKr11fkbngRdZk1lY0h%2FVbo6w%2FFVcMA1w5hT4m0uVusKQYv30HZgNI65sZlO8h%2FOfqExg8nXSWxAJ6cNw3xHPphZoCnkHPlUYPFtmJyvPnxnSQJwOAWsAE0nEnvvRsoW0Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08714246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 f_guarantee.png
hebrewgoo.shop/images/ 6 KB
7 KB 489ms
487ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/f_guarantee.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Thu, 23 May 2024 08:47:52 GMT
server: cloudflare
etag: "664f02b8-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71%2BulejY%2BIYWd%2BdV%2BONIqA%2FLGb8WFKqRmY5zC4dz9tCmKwc8rznX9KBY9tGT1riTn7mluc2V9zF8xLHBB%2FFuPmR4w51Id1S7RscKnvPXjysLHbzJVeSg92CgGDGkjo8HTLbhadAWPIx5QthF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08744246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 f_secure_1.png
hebrewgoo.shop/images/ 10 KB
10 KB 1720ms
1717ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/f_secure_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9862
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ehuMOuyqojWz2u3pkRtIJWkqR3%2FzzU5VdaZR6J3q%2F6BU3xQmCxvfvrcFUxVLv6RdbRC1icxqk7gygpyTzmcE9H9Z0n9BChmkpyTXWSWnYf%2BvRM7h1QKDr2S4s74zfjmJZHrXAN4WOKUbsRFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08754246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 logo2.png
hebrewgoo.shop/images/ 57 KB
58 KB 1724ms
1722ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/logo2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4741d1d2864014822db5602ca77825a76f99d4f15716aa65a9f2b414022e4dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 58839
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-e5d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1cnjsGNVUBMI7oiVkPTv7SX6DVrLrU8px4jP7Xm2ccMkW0y9wIQwab7vOwIyuY6o0VVUP6dyTaN%2B9LiX%2BhuoGLdbRPPVPPwQIerDPBI9545ykLbCJq3oG%2Fjw7GsZEXAGLdHVdGAqTbt0fKkmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08764246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 script.js Show response
hebrewgoo.shop/js/ 10 KB
2 KB 669ms
666ms Script
application/javascript 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/js/script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b119c3fc8802873653eb5275e1ec08d9c46205e6fa617fe1b3f244dfa6e935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-2762"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uAQFe%2BCL3N43ZxIMZAs0jWQ6DeTzOb6CFK6JCGvBrDBIGTBjdk05ezHlCPzLH2E8fHTm0aisFhnypuU0kWkrfV21MlpqjbYJkSCmab8yeh5PkiEhZ%2FgMN40vCs%2FFoUwuJrPrOwAjsVkPs2Y3iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a75223a08534246-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 bg.png
hebrewgoo.shop/images/ 307 KB
307 KB 1741ms
1740ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/bg.png

Requested by

Host: hebrewgoo.shop
URL: https://hebrewgoo.shop/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace0dbdd1d9dcf52875152da2e63e23d22ef060c3d4e5043216f49e95ec05906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 313941
last-modified: Thu, 23 May 2024 08:47:55 GMT
server: cloudflare
etag: "664f02bb-4ca55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaOHX92J6%2FUIBP801j5zfUmuGAKC2d894KUA8OJ878mqGPvb%2FlGwvl4fJSTcwZ9LfcySZHQd%2FdDoIKdgdWpfAsIlT9E9vJyfZ0aXt%2F3MFDEmvRZu8OEBZ2a%2Bhk6%2FDdekSSYrVCmjPjcow5aVQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a75223a08784246-EWR
expires: Mon, 22 Jul 2024 17:26:04 GMT

GET
H3 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
3 KB 408ms
134ms Script
application/javascript 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=hebrewgoo.shop

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17980435bb551ae77fbe94b0316aba370ba562d18d9754672e27e7f62f845d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hebrewgoo.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6274
alt-svc: h3=":443"; ma=86400
content-length: 2518
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jul 2024 15:41:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lh0rSdol59aR%2B0WvrdzAJ0y7QIZ28gI%2F6MwDJLU07tYCAP4te5wIrH2fUO0qO1aUlqGOicUxKAqEamb0yKqc28TGwqYqTFXssVMwiUSOJCAuoU0RnlAhUsZqmRcd25pVnnHljRGzBpe5M%2B0cMRnZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 8a75223ff94d78dc-EWR
expires: 0

GET
H3 404 favicon.ico
hebrewgoo.shop/ 555 B
611 B 222ms
222ms Other
text/html 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2207c76354fea52955f22eb5c778857be502b966f2646b48cb458a56efb553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 17:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWRCs5wAXuUeoxouAS6LyAzBNK1M3GVI7kXx6yhqQy2FEy8JqWxsWkB3JXDc6ysSyytQLCcDViaGIZOxkOFaIGjc0JWnwSquEIONSWPrtar3LgijqYCqMfx6xrNkzRklIRYSwdGWNBJRWWPuew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
permissions-policy: interest-cohort=()
cf-ray: 8a7522461f894246-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 200 oldwq28odz
event.trk-consulatu.com/register/event_log/ 0
0 109ms
107ms Fetch 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/oldwq28odz

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=hebrewgoo.shop

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hebrewgoo.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 22 Jul 2024 17:26:07 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vO91N4817N1yMcMHiCWF8KIX80Wkut%2FqyL3D%2Bd8KOAemrfdNyFbDl8Dm3yPmLOIG2AnLbs%2BlMB%2B%2FxzKEswHamlvw9Q77pliMMdy9tOQ0lF%2B6qcPOLsqDwBuR8dq%2F%2FqLwyeo8y4OLzmVA%2FiJWa0JrFUr9z01n8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8a75224b79e00f8d-EWR
x-pushplatformapp-params

OPTIONS
H3 200 oldwq28odz
event.trk-consulatu.com/register/event_log/ 0
0 380ms
113ms Preflight 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/oldwq28odz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hebrewgoo.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a75224ab9210f8d-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Mon, 22 Jul 2024 17:26:07 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4NS3E3OWHCGBqejrozXX93d%2FA5VoJAWGBtwe77rzLqttgtCSlTbITxE%2FhC2w6SvP5UO2kvs209yhUjmPYXxdpdaUf9YkTXefbydewSHs1ZTJ9cnU99ToEb0lpC5KuPQH2htdv%2FB2bJrxEUqEhZ2zEO1MwuKdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 oldwq28odz
event.trk-consulatu.com/register/event_log/ 0
0 103ms
103ms Fetch 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/oldwq28odz

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=hebrewgoo.shop

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hebrewgoo.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 22 Jul 2024 17:26:08 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFtZsmHz%2FfjVm6Kd5bkqM4SGq8kVBTgstrDUwrpRbH9e5VJ05%2Fk3xFLAOO0Fc40mg05RfGT9E8BHuG65dvUAW4xMY09398iFWqiwXQReF5%2BhLgGf6UiaLEby8qRvWTyuqCF6r1Qxa7e1kk9iaqGONVbY%2FRNyLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8a7522519a2a0f8d-EWR
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.route2content.com/	1970-01-20 22:15:55	Name: uniqueClick_25XCWZJM Value: a08e036c-7a0b-4409-aca2-158231a7090f:1721669163
www.route2content.com/	1970-01-21 00:24:05	Name: transaction_id Value: 212b23ed6ef14ed4a971f2976cb8ea9f
hebrewgoo.shop/	1969-12-31 23:59:59	Name: SESSIONIDS Value: lbnLOVa1lR

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hebrewgoo.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=35fc7fa9a62a4218b5f7eac1e0dc13e8&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
hautgame.com
hebrewgoo.shop
s3.us-west-1.amazonaws.com
trk-consulatu.com
use.fontawesome.com
www.extensivelead.com
www.route2content.com
2606:4700:3031::6815:1692
2606:4700:3032::ac43:d1d6
2606:4700:3035::ac43:dc0f
2606:4700:3037::6815:5395
2606:4700:3037::ac43:8ef5
52.219.194.152
82.131.160.168
2215549496077a7d057c08a85d3fe2609a7268ce1be9c17c8269e8ba49219d8d
28b119c3fc8802873653eb5275e1ec08d9c46205e6fa617fe1b3f244dfa6e935
385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443
3aa279c0cffdb7a0988b918d6fc1789776baf44f6072e5caa6c38caecae30b3d
3c29bd68979b782c55e08a2d267b302f836a5595591b8755dd61cd979fef8ffd
4741d1d2864014822db5602ca77825a76f99d4f15716aa65a9f2b414022e4dfc
5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76
5c0f5b2cd5f170b66008034343ff81a3f68d217f9d05a9c73a393995cdc18e4c
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8fe9894030d91219a28cd448944ee1e68b4a835d0a365bcf7ed8e0eede0a8d5d
9d356043132fc7d3b91bdc65041830a2ed5ed95ac6dabbf4c268a70edf047952
ace0dbdd1d9dcf52875152da2e63e23d22ef060c3d4e5043216f49e95ec05906
ad15a1c8abf4e322a54dd3e3d7284d78d6e7a8cd08d479a33d736664c451925c
ba2207c76354fea52955f22eb5c778857be502b966f2646b48cb458a56efb553
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d17980435bb551ae77fbe94b0316aba370ba562d18d9754672e27e7f62f845d9
d769b5e89c5845baca4f51f91d02fdf4a4cbeb9db32c30e1c1c1f7a539518216
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
f12b848c302893e70e4f8755d5a0cf3aede858c5c2d31f3e3bcb372c2fc1fc6c
fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

hebrewgoo.shop Open in urlscan Pro 2606:4700:3031::6815:1692 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

4 IPs

2 Countries

3168 kBTransfer

4015 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hebrewgoo.shop Open in urlscan Pro
2606:4700:3031::6815:1692 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

3168 kB
Transfer

4015 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!