hebrewgoo.shop Open in urlscan Pro
2606:4700:3031::6815:1692 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.amazonaws.com/rgirginirgininirgirginini/aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbxicvjb.html?25760o7t8...
Effective URL:
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source...
Submission: On July 18 via api (July 18th 2024, 11:38:35 am UTC) from US — Scanned from US

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::6815:1692, located in United States and belongs to CLOUDFLARENET, US. The main domain is hebrewgoo.shop.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.

This is the only time hebrewgoo.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	52.217.98.22 52.217.98.22	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3035::ac43:b175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	82.131.160.168 82.131.160.168	12301 (INVITECH) (INVITECH)
1 1	2606:4700:303... 2606:4700:3035::ac43:dc0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	2606:4700:303... 2606:4700:3031::6815:1692	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:5d7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::ac43:d1d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	5

1 52.217.98.22 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b175 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hautgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.131.160.168 (Mosonmagyaróvár, Hungary) 1 redirects

ASN12301 (INVITECH, HU)
PTR: omc2-ird-word.taskmass.com

www.extensivelead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:dc0f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.route2content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3031::6815:1692 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hebrewgoo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5d7a (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:d1d6 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	hebrewgoo.shop 1 redirects hebrewgoo.shop	3 MB
4	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 116157 event.trk-consulatu.com — Cisco Umbrella Rank: 262105	3 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	426 KB
1	route2content.com 1 redirects www.route2content.com	1 KB
1	extensivelead.com 1 redirects www.extensivelead.com	640 B
1	hautgame.com 1 redirects hautgame.com	728 B
1	amazonaws.com s3.amazonaws.com	547 B
28	7

	Domain	Requested by
23	hebrewgoo.shop	1 redirects s3.amazonaws.com hebrewgoo.shop
3	event.trk-consulatu.com	trk-consulatu.com
1	trk-consulatu.com	hebrewgoo.shop
1	use.fontawesome.com	hebrewgoo.shop
1	www.route2content.com	1 redirects
1	www.extensivelead.com	1 redirects
1	hautgame.com	1 redirects
1	s3.amazonaws.com
28	8

This site contains no links.

Subject Issuer	Validity	Valid
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
hebrewgoo.shop WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
trk-consulatu.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Frame ID: 2AB136C7BB5AE701D98FF20CF58636E3
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Costco - Survey Rewards

Page URL History Show full URLs

https://s3.amazonaws.com/rgirginirgininirgirginini/aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbx... Page URL
https://hautgame.com/ngDLjlstYfffxgAtgmarwtvbbcYLGp&4nMFhpBDHVL&128496/261/qndfpuqlox.hom... HTTP 302
https://www.extensivelead.com/3LKKRHG/WBTCGX2//?sub1=22&sub2=261-128496&sub3=1649-101650-257264 HTTP 302
https://www.route2content.com/37HF1RW/25XCWZJM/?source_id=1621&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc HTTP 302
https://hebrewgoo.shop/lbnLOVa1lR/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2... HTTP 302
http://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub... HTTP 307
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

5
IPs

2
Countries

3169 kB
Transfer

4015 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.amazonaws.com/rgirginirgininirgirginini/aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbxicvjb.html?25760o7t82cxc9rury2sfs3fdk17gyu0f8r5 Page URL
https://hautgame.com/ngDLjlstYfffxgAtgmarwtvbbcYLGp&4nMFhpBDHVL&128496/261/qndfpuqlox.home.php?sq=1649-101650&lk=257264-22&page=964 HTTP 302
https://www.extensivelead.com/3LKKRHG/WBTCGX2//?sub1=22&sub2=261-128496&sub3=1649-101650-257264 HTTP 302
https://www.route2content.com/37HF1RW/25XCWZJM/?source_id=1621&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc HTTP 302
https://hebrewgoo.shop/lbnLOVa1lR/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com HTTP 302
http://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com HTTP 307
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbxicvjb.html
s3.amazonaws.com/rgirginirgininirgirginini/ 153 B
547 B 459ms
106ms Document
text/html 52.217.98.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/rgirginirgininirgirginini/aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbxicvjb.html?25760o7t82cxc9rury2sfs3fdk17gyu0f8r5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.98.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 153
Content-Type: text/html
Date: Thu, 18 Jul 2024 11:38:23 GMT
ETag: "182fbc5f785ab4bd43a4c2d140e7ef3c"
Last-Modified: Wed, 17 Jul 2024 16:23:30 GMT
Server: AmazonS3
x-amz-id-2: IcU70jvPFBJE0oM4vJDszHb9PGZ5O0N+/k13dgC8F9q8pv2pkECIskl7aTQGiRR8LEBXAqs7tCg=
x-amz-request-id: CGAD06XAC4GFR3PC
x-amz-server-side-encryption: AES256

GET
H3

200

Primary Request / Show response
hebrewgoo.shop/
Redirect Chain

https://hautgame.com/ngDLjlstYfffxgAtgmarwtvbbcYLGp&4nMFhpBDHVL&128496/261/qndfpuqlox.home.php?sq=1649-101650&lk=257264-22&page=964
https://www.extensivelead.com/3LKKRHG/WBTCGX2//?sub1=22&sub2=261-128496&sub3=1649-101650-257264
https://www.route2content.com/37HF1RW/25XCWZJM/?source_id=1621&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc
https://hebrewgoo.shop/lbnLOVa1lR/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2conte...
http://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com

29 KB
5 KB

337ms
336ms

Document
text/html

2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/rgirginirgininirgirginini/aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbxicvjb.html?25760o7t82cxc9rury2sfs3fdk17gyu0f8r5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa279c0cffdb7a0988b918d6fc1789776baf44f6072e5caa6c38caecae30b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://s3.amazonaws.com/rgirginirgininirgirginini/aaaaaapodifgjadiofjgsodifjgiopjxoijbxicvjbxocivjbxicvjb.html?25760o7t82cxc9rury2sfs3fdk17gyu0f8r5#ngDLjlstYfffxgAtgmarwtvbbcYLGp&4nMFhpBDHVL&128496/261/qndfpuqlox.home.php?sq=1649-101650&lk=257264-22&page=964
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a522f798e184267-EWR
content-encoding: br
content-type: text/html
date: Thu, 18 Jul 2024 11:38:26 GMT
expires: Thu, 18 Jul 2024 11:38:25 GMT
last-modified: Thu, 23 May 2024 08:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eo97VZYESr0a%2Bed%2FrjSz0d83orAMCNsSIARvv5yIMskfRay%2BTs0QqRjJgnu0ia4IEYXZtcNDTHb%2FU3A1hhT9XTnwU1Cgh8L3kArNKShf%2FD54Q3rnVvYoh0zJTOSEwvkJwNV2I3cVve28m8NAew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Non-Authoritative-Reason: HSTS

GET
H3 200 style.css
hebrewgoo.shop/css/ 16 KB
4 KB 220ms
219ms Stylesheet
text/css 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/css/style.css

Requested by

Host: hebrewgoo.shop
URL: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d356043132fc7d3b91bdc65041830a2ed5ed95ac6dabbf4c268a70edf047952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-40cd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWE0KFZpjKBXcBB1QXkH7e784yyqq8RZ4Co8mFaqQhSEEykbcoJn8%2FL3aucvC%2Byd1l16Oxy67U8Exs7L4leHjTP0Mtq246%2FlWIc8kuK42U5d7NsWJpVvACP9N7xn5AnfC2cYpXxJdCJFcc5ZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a522f7c58a84267-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 11:38:25 GMT

GET
H3 200 animate.min.css
hebrewgoo.shop/css/ 70 KB
6 KB 420ms
418ms Stylesheet
text/css 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/css/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBuCYh4EbirXcg26Q0%2F3%2BX4HjWJiT76fD1Gk4cufvta3ak%2FhzGGEaFSoiOSCg2IYhB3yhUq8GS0dwrlHVYe4dVOPD96BtrPPhtHxcA7muFEdd%2Bsfb3ivB0aI3%2Fc9NmsuKjfgWFjLNnZ6ym0yQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a522f7c58ab4267-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 11:38:25 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 681ms
114ms Script
application/javascript 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: hebrewgoo.shop
URL: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer: https://hebrewgoo.shop/
Origin: https://hebrewgoo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2631938
etag: W/"5e29440867fdb02a48dffded02338c31"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2D8xfE99XAUTmCikIBpOY5SZk5vslHy%2FsnQ2AmXMx%2F4s8uAOTO7B%2FfJkG8mC5loh4dSQCiTZCZDpS%2BWfdd4uv3c1EojbAiM1LQ0%2BysF3t6tfye4M7%2BKdOGZ4utWLpfmT%2FhIWStqinfjhGxNlxOOtTZ4O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8a522f831fc843c4-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 datehead.js Show response
hebrewgoo.shop/js/ 2 KB
1 KB 420ms
419ms Script
application/javascript 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/js/datehead.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2215549496077a7d057c08a85d3fe2609a7268ce1be9c17c8269e8ba49219d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-993"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Wt2PXfEqMugttnk5zS5a6GuFM05VteMbSwCWY5X%2BKRGAh4YQinNp33HZjfXjL8NDUO9YrapQsIP9GO8OK9yNsqGv7R32YnM4AfhdWzqDcATKyRc%2BromL7ut6mM8K8iXSZFNAJK13hFqHi6GxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a522f7c58ac4267-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 11:38:25 GMT

GET
H3 200 logo.png
hebrewgoo.shop/images/ 70 KB
71 KB 334ms
333ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0f5b2cd5f170b66008034343ff81a3f68d217f9d05a9c73a393995cdc18e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 71742
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-1183e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAzKafcGhvEUL0HHic7DCGgA0KP4n4CT4yw0VeT6guBL3xhuCX1jD4FXQs96xbLAVv8nlmnVEix2UBfD5rmKhAM3xcoxAw0WOlZE3Me4wrP9i9gFCFgG1wmgmMbvIYSpS9zOU%2F38%2FVdZGsasmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7c58ae4267-EWR
expires: Thu, 18 Jul 2024 11:38:25 GMT

GET
H3 200 flaglogo.png
hebrewgoo.shop/images/ 2 KB
2 KB 421ms
420ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/flaglogo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1781
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-6f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTLANWzE32aYGjweGiPLU%2BMNI4o4zdLZkpNijy5lvdamY8VHHPrEQTWTRt86pR6Y9EUGiRLIIbyFvz%2Ft%2Fjex5i5%2FJVCq0eTY2Qq%2FvIdrb%2FiwdrHY6hPO393Vx4kcaE4x00YfuUEPOxWJ6BNPXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7c58b04267-EWR
expires: Thu, 18 Jul 2024 11:38:25 GMT

GET
H3 200 product.png
hebrewgoo.shop/images/ 849 KB
849 KB 313ms
308ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/product.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f12b848c302893e70e4f8755d5a0cf3aede858c5c2d31f3e3bcb372c2fc1fc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 868963
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-d4263"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdW6VTBorSRetOSMRkqD5ERCUxj7ls4wK267eHbaMEPBWEbDgTQgykwL8%2Br2bGbnkUlzXlVWer0mI8zunDUIs8v64C2NWBb2lVkL8ywcFpPWOH3eDeVWiKfmSFYp%2FISvf0L2XxvoQXLk8%2B0WZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8bd94267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 loadingBL.gif
hebrewgoo.shop/images/ 122 KB
122 KB 225ms
221ms Image
image/gif 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/loadingBL.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d769b5e89c5845baca4f51f91d02fdf4a4cbeb9db32c30e1c1c1f7a539518216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 124490
last-modified: Thu, 23 May 2024 08:47:52 GMT
server: cloudflare
etag: "664f02b8-1e64a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTy6HiWCGzkA%2FpQB15WmvwRIsfPSlTtcBawrkwmanIZphGl6%2FwgGpTRFTdS2f6Fd6eNhijMa%2Bp08Qj%2BtWVhEPw8H0U069NJynKcxcFjCUrJ2jp%2F82Kmji4ZAxVWB7nFRKSEfH4IckUqqF7WIZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8bdb4267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 prize1.png
hebrewgoo.shop/images/ 849 KB
849 KB 494ms
490ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/prize1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad15a1c8abf4e322a54dd3e3d7284d78d6e7a8cd08d479a33d736664c451925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 868991
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-d427f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PM4KzFfFsdLwmnzHCJKKXRExzcT77du92DQC10MwT65P8NMnNqgMKtNJYoQwygQZlUe0w%2BkSA5zR38eYnuBd7xJ2kHWG0mmYikHaymLM8Xnnzxl6OtLWB9YhDjOiP4DNUMPABrOOaqL8p1ZPlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8bdc4267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 1.jpg
hebrewgoo.shop/images/ 43 KB
43 KB 400ms
397ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43861
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-ab55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34PcsczI1GZCFiDLCRd83RJx7GerZzk80dTHQwC5bkFtU3ax5xT%2BwI2exsMXRGD%2Bbqm6TJl6DaKiW3C4%2BNXWCrKDtl8aDAXJZ4xhaJsYcgM%2F3QJIuuI4fGn%2BVxe20sbvYYPyuPSeImOsbH98Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8bdf4267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 2.jpg
hebrewgoo.shop/images/ 31 KB
32 KB 412ms
409ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31837
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-7c5d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKz5b0n%2Bbiw5lEUiIVE9mT%2FG%2Bb%2B06519gwlv%2BmdbZDewxYMT%2Bs092USyeIjmZf0SIsYSmyGf4WisNYF8S7pLLKLIpN4b21c6lZQfVTXzTqmJv4LIVBRRZ%2FsIYt1Nf5oXXgeIK0Jr8qh9vkN8mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be14267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 comm_pic_1.jpg
hebrewgoo.shop/images/ 133 KB
133 KB 884ms
881ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/comm_pic_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe9894030d91219a28cd448944ee1e68b4a835d0a365bcf7ed8e0eede0a8d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 135845
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-212a5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgdFCjdk1Lh26OWhHV59no8yW3CpuGWSV0lBOyJAA2t9DspfYvtH8338qQ8%2BittK2wtV4eFbb54MhXzZolYTn1vzYh%2FaDpYiySuLpnHmLRVYhLp%2FoB0q4WUD1VjMMZJgpZSvqkW42WT07yroPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be24267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 3.jpg
hebrewgoo.shop/images/ 64 KB
64 KB 496ms
493ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 65241
last-modified: Thu, 23 May 2024 08:47:54 GMT
server: cloudflare
etag: "664f02ba-fed9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JPI0toSpY%2BnFYIPsTl1kXQWv9PdBvr6%2FUmsBij0Y6xJwO7OiaMBxna8aRt162tEeX%2B9mXhruRh1yy7SqOF87E7Jj6JHtG3LQFcDK706t5eL%2Fm81xAI%2BqVDTYvjjw%2FRBmEi7oz9zhJBY7V3oew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be34267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 4.jpg
hebrewgoo.shop/images/ 36 KB
37 KB 413ms
410ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37344
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-91e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwdPxPFVeHxqm2eQiC9GXrSLpqIWKEy%2FeZcKEzlWQbnjRLwYm%2FkY4NYLgFSkVVRoVCmznP4WxDmphEEURz1sA0mWQhs5ybLESyYiN7y%2Fz9TF%2BrzJDY5ZOeM6aKfW9N%2FaHFSwSDMwHhRkou1zSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be44267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 comm_pic_2.jpg
hebrewgoo.shop/images/ 89 KB
90 KB 496ms
494ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/comm_pic_2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c29bd68979b782c55e08a2d267b302f836a5595591b8755dd61cd979fef8ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 91296
last-modified: Thu, 23 May 2024 08:47:55 GMT
server: cloudflare
etag: "664f02bb-164a0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JlLfvIF1UZEBIPHZqRSFIgSoqXAfqkhlEMqdbzhaHpPZsro%2B8kDBXHLLKSEtcel6VfI3yMID1nexTr4bSw32ZFCxrg1RbNQb1jJJ1CC1X69zoDcQyyo1hBNFUdBqjnXaa9gvWBkeFCkywWMpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be54267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 5.jpg
hebrewgoo.shop/images/ 44 KB
44 KB 414ms
412ms Image
image/jpeg 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/5.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 44747
last-modified: Thu, 23 May 2024 08:47:52 GMT
server: cloudflare
etag: "664f02b8-aecb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6F4f9kB%2BsUlArI1iOtBJn%2BHghgk1em1YFcOjeu5OADJcFSpiOZI2tmI05y4ms0LHeXPA4Xfb2IxiDU0fXW2mzI3NpcoHkNpftPh3LYfQM76ZUYgvR5Hp8zAAr8HiQAtEqztUSu2uhpwAwoxYsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be64267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 f_guarantee.png
hebrewgoo.shop/images/ 6 KB
7 KB 505ms
503ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/f_guarantee.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Thu, 23 May 2024 08:47:52 GMT
server: cloudflare
etag: "664f02b8-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YooRyuyOCq%2BC9cfBwdZra4V7haMx5W9oi%2FPFR%2B7n%2B9Aqni8aKfFxFJTIec4QHJ4kNC7wv6jJ2ymm0Jz7R9CXx%2FwmQh10E45HaDVd8B5Mv7KGjzLJYFTJVwgN95sTtq3ItO3n3%2FKI2FvHTvZK7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be74267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 f_secure_1.png
hebrewgoo.shop/images/ 10 KB
10 KB 925ms
923ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/f_secure_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9862
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2rQgvUpQR5dE2eplBmSNTQ6GY0OxKk1QQ55FiZgX45JjXGiSUm6CA9sf4ysjoZlci2bgAGAqWCz3Cl1nYkZEfwJDr1CMVLMeSdaVx9KItznpEw1RUA6oux04LrPZeDZ0O4PRlBTbqsJOhZoTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be84267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 logo2.png
hebrewgoo.shop/images/ 57 KB
58 KB 926ms
924ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/logo2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4741d1d2864014822db5602ca77825a76f99d4f15716aa65a9f2b414022e4dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 58839
last-modified: Thu, 23 May 2024 08:47:53 GMT
server: cloudflare
etag: "664f02b9-e5d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cauDc1bZ1aquq39ui0oS5veKQzrxjgw45PQZ%2Bg0PfhYzNCT%2B%2FK9g8YoUMzgUt%2FYdJ8dpfswuUKDt5K2htz34NUdQc3n%2BmCZhzfagUFpQLZzq6x%2BMAi0FNAQycVtQXSQU%2B8rYPfS68q01HJFNfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8be94267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 script.js Show response
hebrewgoo.shop/js/ 10 KB
2 KB 497ms
493ms Script
application/javascript 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/js/script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b119c3fc8802873653eb5275e1ec08d9c46205e6fa617fe1b3f244dfa6e935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 23 May 2024 08:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664f02b7-2762"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gZ9%2Fk%2BgddcPtF9boaP5cbF5olNDwg5QLYoxMwKoDlloXXOhcpiFQGmvHp6CfaeQAM%2B%2FV%2B04KXg4Izy4kLteOW9S8VKzz%2BwHCEUFpPz2bMHiQHBeMV1RECXFpd3iCyFqVukAN4fMFHynfA5xjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a522f7f8bde4267-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 bg.png
hebrewgoo.shop/images/ 307 KB
307 KB 948ms
947ms Image
image/png 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hebrewgoo.shop/images/bg.png

Requested by

Host: hebrewgoo.shop
URL: https://hebrewgoo.shop/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace0dbdd1d9dcf52875152da2e63e23d22ef060c3d4e5043216f49e95ec05906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 313941
last-modified: Thu, 23 May 2024 08:47:55 GMT
server: cloudflare
etag: "664f02bb-4ca55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04idZyj0hOIq4LCgdJ1ZcYuoPMTiurLzwryxJ0SrkS8zQa2CZ40g3b6gyjAED6Ug8VLsqv11AJv3JO%2Fzg2AXzCBzNi4sPDdDyQN3fBGMVjSfygP0KS%2BMEz4m67WHQnoG1FrpInG%2FOQ1Fc0Fjgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a522f7f8beb4267-EWR
expires: Thu, 18 Jul 2024 11:38:26 GMT

GET
H3 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
3 KB 412ms
129ms Script
application/javascript 2606:4700:3033::6815:5d7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=hebrewgoo.shop

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5d7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17980435bb551ae77fbe94b0316aba370ba562d18d9754672e27e7f62f845d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hebrewgoo.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2518
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Jul 2024 03:31:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGPHSO%2FOemtRa8FUZjb5NttxcA51NZAAZNUVr57dNO4jUP%2F0TRVM6HCqYZuiHUEGxpKgU4gJwM4SVvdzM0LPBpAhAhAWvDM15eCdvb1NyrYXbiwZWXNn2G0dwPuN3ih6BclyExlc7LLVagJI5tBcbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 8a522f846fc71962-EWR
expires: 0

GET
H3 404 favicon.ico
hebrewgoo.shop/ 555 B
618 B 221ms
220ms Other
text/html 2606:4700:3031::6815:1692
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hebrewgoo.shop/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1692 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2207c76354fea52955f22eb5c778857be502b966f2646b48cb458a56efb553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 11:38:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B39nu0fD0kAEFQU%2FKkVyCXdxv19lyg6IdnaCUZy6TpWSFvl7m0VEj4MDDnyM7lsiZLerUN9dOCd6TR4pw5T9xyUBUips%2FBZh6OLfYplmUjARpKEfGuELPTXC%2FLDwbwEJTdD%2BgS603Al9IXKgmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
permissions-policy: interest-cohort=()
cf-ray: 8a522f8629ad4267-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 200 oldwq28odz
event.trk-consulatu.com/register/event_log/ 0
0 107ms
106ms Fetch 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/oldwq28odz

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=hebrewgoo.shop

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hebrewgoo.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 18 Jul 2024 11:38:29 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijieJMr7rJhWx1xq6KHuKYQUkTKwBE0KzK11sMdDzc0YePSKnZWAamdiLy%2FZnmMNJM2wBMFmx0C0jMdTA9wRbZbK2P1yOxVKupFRTzgt%2F619VqZVI6UvDBkfKnA7WXiydpVOcAzr0%2BMfpdT2z828dEqRQn5LKA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8a522f8cab0619eb-EWR
x-pushplatformapp-params

OPTIONS
H3 200 oldwq28odz
event.trk-consulatu.com/register/event_log/ 0
0 377ms
112ms Preflight 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/oldwq28odz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hebrewgoo.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a522f8bfab319eb-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Thu, 18 Jul 2024 11:38:29 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LETt4rd%2FqGTH%2B2OI1QiMQtLTlHbGV08OUHYw6D4v%2FRkZqUXdDXm1D8qST6MA5HAKO5xrW4d7OihNzuZ83bY%2BSDWSrgTgYa1KpjYW0JIDZGW7g5qg%2BqF3RVhVeLSuVqv5ZcAYX6GDtmECcb3VAOHPgvinXPKo5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 oldwq28odz
event.trk-consulatu.com/register/event_log/ 0
0 104ms
102ms Fetch 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/oldwq28odz

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=hebrewgoo.shop

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hebrewgoo.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 18 Jul 2024 11:38:30 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6hFatIFgIBdEReEOkDXRGIN7exok0E5Ogi9zZN9d80FObuj6YXN%2F%2FSaQu2XCLHsY2toB8Bq4j%2BxeTcNRsgnqzI6sqZVhuyhkYIkhsAgKh14R5kNWsbeAQzWoSrYO524xXUwnDjg4GYuiGVpJtDski2nCnNbJg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8a522f947f9c19eb-EWR
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.route2content.com/	1970-01-20 22:09:49	Name: uniqueClick_25XCWZJM Value: 403cf856-251e-46dd-bdc8-d834996eeec3:1721302705
www.route2content.com/	1970-01-21 00:17:58	Name: transaction_id Value: 60c2fbdf43874d96bcbd540d9625b6bd
hebrewgoo.shop/	1969-12-31 23:59:59	Name: SESSIONIDS Value: lbnLOVa1lR

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hebrewgoo.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://hebrewgoo.shop/?encoded_value=279768Q&sub1=2bbffae207e14a6bb8a8c0c5db14c3dc&sub2=&sub3=&sub4=&sub5=18598&source_id=1621&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.route2content.com Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
hautgame.com
hebrewgoo.shop
s3.amazonaws.com
trk-consulatu.com
use.fontawesome.com
www.extensivelead.com
www.route2content.com
2606:4700:3031::6815:1692
2606:4700:3032::ac43:d1d6
2606:4700:3033::6815:5d7a
2606:4700:3035::ac43:b175
2606:4700:3035::ac43:dc0f
2606:4700:3036::6815:1b98
52.217.98.22
82.131.160.168
2215549496077a7d057c08a85d3fe2609a7268ce1be9c17c8269e8ba49219d8d
28b119c3fc8802873653eb5275e1ec08d9c46205e6fa617fe1b3f244dfa6e935
385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443
3aa279c0cffdb7a0988b918d6fc1789776baf44f6072e5caa6c38caecae30b3d
3c29bd68979b782c55e08a2d267b302f836a5595591b8755dd61cd979fef8ffd
4741d1d2864014822db5602ca77825a76f99d4f15716aa65a9f2b414022e4dfc
5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76
5c0f5b2cd5f170b66008034343ff81a3f68d217f9d05a9c73a393995cdc18e4c
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8fe9894030d91219a28cd448944ee1e68b4a835d0a365bcf7ed8e0eede0a8d5d
9d356043132fc7d3b91bdc65041830a2ed5ed95ac6dabbf4c268a70edf047952
ace0dbdd1d9dcf52875152da2e63e23d22ef060c3d4e5043216f49e95ec05906
ad15a1c8abf4e322a54dd3e3d7284d78d6e7a8cd08d479a33d736664c451925c
ba2207c76354fea52955f22eb5c778857be502b966f2646b48cb458a56efb553
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d17980435bb551ae77fbe94b0316aba370ba562d18d9754672e27e7f62f845d9
d769b5e89c5845baca4f51f91d02fdf4a4cbeb9db32c30e1c1c1f7a539518216
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
f12b848c302893e70e4f8755d5a0cf3aede858c5c2d31f3e3bcb372c2fc1fc6c
fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

hebrewgoo.shop Open in urlscan Pro 2606:4700:3031::6815:1692 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

5 IPs

2 Countries

3169 kBTransfer

4015 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hebrewgoo.shop Open in urlscan Pro
2606:4700:3031::6815:1692 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

5
IPs

2
Countries

3169 kB
Transfer

4015 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!